9 points | by Brajeshwar 5 hours ago ago
2 comments
> To that end, I wrote a python script which isolates npm inside short-lived docker containers.
Somewhat ironically, docker is just as subject to this type of attack as npm, the main difference being that it (usually) has a narrower blast radius.
Guessing you meant "python" rather than "docker", as docker is not subject to the same type of attack. However, it's a single .py script that you copy somewhere. Not even close to a typical nodejs project using npm install.