@aral serious question, do you ever expect npm audit to pass? Or whatever the thing is that spits out security warnings by the bucketful.

@dch I try for the projects I’m actively developing but some of the stuff they throw out is ridiculous. Would be far more useful if it was actually curated by human beings. (Like, ok, there’s a vulnerability in a development dependency I’m using… thanks, that’s not really hugely worrying for me. Maybe at least layer that info…)

@aral yeah. Oh yeah. I can't imagine any normal sized javascript dev team managing to keep up with any of it. Only the really large teams have the people to dedicate to chasing that down.

off-topic curiosity 

@aral is that the entire word git as a ligature?

off-topic curiosity 

@derwinmcgeary Nope, it’s a powerline font. MesloLGM Nerd Font Regular, to be precise :)


Sign in to participate in the conversation
Aral’s Mastodon

This is my personal Mastodon.