Exploiting Developer Infrastructure Is Ridiculously Easy
The open-source ecosystem is broken
5 min readNov 27, 2018
In late October, an issue was opened on an extremely popular node.js tool, nodemon, describing a deprecation warning that was being logged to the console.
Warnings like these aren’t uncommon. This one seemed harmless. It wasn’t even related to the nodemon project, but rather to one of…