hardwaresofton a day ago | next |

Awesome project!

What benefits do you see for your approach over verdaccio or built in package repositories in the famous code hosting sites?

I am mostly because “How does this project compare to X” pages are basically indicators of quality and it’d be great if this project had one (I can basically imagine when I’d use this over run-forever verdaccio or locked-in gh packages)!

gpjanik 18 hours ago | prev | next |

What is "pirate" about this?

A lot of big companies self-host npm to avoid chain of supply attacks.

nubinetwork 18 hours ago | prev |

NPM already has issues with malicious packages in official repos, being able to run your own repos only makes it worse.