Wait, the npm registry does not SUPPORT two factor, let alone require it?!
While "The Update Framework" exists... https://github.com/ChALkeR/notes/blob/master/Gathering-weak-npm-credentials.md …
-
-
It would be. Pinning versions absolutely would not resolve this issue. See also here: https://gist.github.com/joepie91/828532657d23d512d76c1e68b101f436#see-thats-why-you-should-always-lock-your-dependency-versions-this-is-why-semantic-versioning-is-bad … (and the point below it).
-
Pinning hashes not version labels.
-
Like I already said, see also the point below it. That's precisely what it addresses.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.