Hacker News new | past | comments | ask | show | jobs | submit | foragerr's comments login

Textbook ad-hominem


But npm already did the damage control and restored an older version, fixing all broken CI pipelines.

What does any of this have everything to do with GitHub?


You know NPM isn’t the only way to install JavaScript packages, right? You can add a GitHub repository directly. Yanking the NPM package doesn’t protect people who are pulling from GitHub directly.


It's a suspicious action, so probably locking the account down until they can get in touch and confirm that's what the user wanted to do, and wasn't hacked etc. Could even be automated between npm and github, a compromise warning or similar. All conjecture though.


Aren't npm and GH all owned by Microsoft anyway?


Yes GH and NPM are part of the same company Microsoft


Build and Release Engineer | Full-Time | Remote

Renaissance Learning Inc | https://www.renaissance.com

We're an US based ed-tech company that makes cloud-based, pre-K–12 educational software and adaptive assessments. We want faster, smoother deployments into our AWS environments - Looking for people to help mature our CI/CD platform.

https://smrtr.io/4rvnf


Is there an email address I can reach out to ?


https://github.com/aws/aws-proton-public-roadmap/issues/1

Not disagreeing with you, just posting information I've come across, they plan to support 3rd party tools including terraform and jenkins, how is unclear.


Renaissance Learning Inc | https://www.renaissance.com/ | US | Build and Release Engineer | Full-Time | Remote

We're an US based ed-tech company that makes cloud-based, pre-K–12 educational software and adaptive assessments. We're looking for someone to help mature our CI/CD systems and processes

I'm the hiring manager for : https://smrtr.io/4rvnf Other openings: https://careers.smartrecruiters.com/Renaissance


Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: