What's Really Going On Inside Your node_modules Folder?
I want to start by just pointing out that what we're trying to do here is kind of crazy. We want to:
- Download code
- from the internet
- written by unknown individuals
- that we haven't read
- that we execute
- with full permissions
- on our laptops and servers
- where we keep our most important data
This is what we're doing every day when we use npm install.
Well, when you put it that way…