On 03/16/2015 13:05, Mark Felder wrote:
This would require FreeBSD to modify npm code to inject this message,
correct? Or do you just want a post-install message when the package is
installed to remind FreeBSD users about it?
It seems to me a scary warning patch should be sent upstream.
I meant post-install message.
pkg and ports nicely check package signatures or fingerprints, but then
npm defeats this outright, if installed.
Yuri
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"
