The hottest Substack posts of
Simple Truth Systems
And their main takeaways
- Vsts-npm-auth is not safe or reliable, with no shared source code and unknown contributors.
- There are suspicions about the authenticity of vsts-npm-auth contributors, possibly Microsoft engineers, but lacking transparency.
- The recommendation to use vsts-npm-auth, even in Microsoft documentation, raises questions about its credibility and safety.