Josh Holbrook
Josh Holbrook
It's possible the repo is private even though the tarball is public. I know ssh itself has cli flags to control how it prompts for passwords, etc., so I'd imagine...
While I was tempted to reply with an image macro, I think a more serious response is in order here. Having hoarders show up as a reverse dependency in npmjs.org...
> 1) Had my package been hacked and had a dependency added (no, it was being depended on, oops) I mean, you'll have that "problem" _anyway_ as people decide to...
Or, I could update the description in the package.json to say, "THAT'S THE JOKE"
I implemented a blacklist for people that don't want to be depended on by hoarders: https://github.com/jesusabdullah/hoarders/blob/master/build.js#L12-L22 Broofa's modules should be blacklisted already. If you would also like to opt out,...
Reopening this for greater visibility to those which have not been blacklisted yet.
I mean, I _could_ but all the important configuration is in the build.json anyway.
> is that it artificially inflates download numbers. Does it? You have to actually install hoarders in order for that download to show up.
I definitely published them to npm, I don't know why they claim otherwise. You'll have to take it up with them.
I’m on the road but can probably look at this tomorrow morning. In the meantime that is in fact the fix if you want to try backporting to 3.x -...