You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: Short-term-package-manager-wishlist.md
+1-1Lines changed: 1 addition & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -32,7 +32,7 @@ _Notice: this list might be updated in the future._
32
32
***Done (2017).**~Opt-in — to get a token~
33
33
***Done (2017).**~Opt-in — for confirming _all_ publishes done by a user~
34
34
* There should be an option to enforce 2FA (login/publish) per-package that would make all further actions done to this package require a verification code.
35
-
2. Email notifications on any updates to the owned packages, to the profile or to the list of owned packages — _partially implemented as of 2018-02, only for own publishes._
35
+
2.**Partial (2018-02)**Email notifications on any updates to the owned packages, to the profile or to the list of owned packages — _partially implemented as of 2018-02, only for own publishes._
36
36
3. Webpage-based notifications to any of the above (i.e. just a list of all write actions by oneself on npmjs.com).
37
37
4. Don't actually publish packages with npm credentials, run scans _prior_ to the publishing, not _after_ the package was already published.
38
38
5. Is there a proper bruteforce prevention mechanism running? I hadn't noticed it.
0 commit comments