Isn't executing arbitrary code kind of the entire point of NPM though? Any chance you have a link to something that describes their plans?
reply> Isn't executing arbitrary code kind of the entire point of NPM though?
replyNo. npm is a package manager. As mentioned in the comment you're replying to, almost all package managers execute arbitrary code. Eg:
- pip
- Cargo
- apt/dpkg
- dnf/yum
- Homebrew
- RubyGems
- Composer (limited)
- Maven
> Any chance you have a link to something that describes their plans?
https://github.blog/changelog/2026-06-09-upcoming-breaking-c...