<![CDATA[dear package registries (npm, composer, etc), i am begging you]]>

<![CDATA[dear package registries (npm, composer, etc), i am begging you]]>dear package registries (npm, composer, etc), i am begging you

require 2FA before someone can tag a release RIGHT NOW

this would immediately stop a huge amount of the open source supply chain attacks we keep seeing

]]>https://board.circlewithadot.net/topic/8fdc43f9-a7dd-4ee3-9fd4-e318b51cc9f7/dear-package-registries-npm-composer-etc-i-am-begging-youRSS for NodeSat, 06 Jun 2026 15:55:14 GMTFri, 29 May 2026 01:47:01 GMT60