
That just seems worse than what npm/yarn have. Despite Node's flaws, at least those have a hash check on the downloaded package against what's in the lock file.

EDIT: I was wrong. See @spoiler's reply.




So does Deno: https://deno.land/manual/linking_to_external_code/integrity_...

It's not part of a package manager, because there isn't one, though.


Ah. I stand corrected.



