#security

Many npm supply chain attacks are detected quickly. Delaying very fresh package versions can block a surprising amount of risk for a small cost.