An open question is why PyPI doesn’t have the same problem. | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		trollbridge 58 days ago \| parent \| context \| favorite \| on: Shai-Hulud Returns: Over 300 NPM Packages Infected An open question is why PyPI doesn’t have the same problem.

pxc 58 days ago [–]

PyPI is also subject to supply chain attacks. What do you mean?

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact