Hacker News new | past | comments | ask | show | jobs | submit login

There's nothing special about "backend". It's normal for the client side bundle to contain many dependencies that came from NPM.



Right but if they can’t phone anywhere when the client executes them, they’re not dangerous to the client. As another commenter points out though, there is the danger of executing on the dev’s computer: I guess that is true.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: