Yeah, I ask because the JVM world has had that since... whenever Maven's central... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

EdwardDiego on June 5, 2023 | parent | context | favorite | on: The Rust I wanted had no future

Yeah, I ask because the JVM world has had that since... whenever Maven's central repository came about [0][1][2], I guess, and it ensures that there's no debate about namesquatting [3], nor typosquatting attack vectors [4].

I am constantly baffled that NPM, PyPi, crates.io etc. didn't copy this idea for those last two reasons. In my mind, it's not quite best in class without it.

[0]: https://central.sonatype.org/publish/requirements/coordinate...

[1]: https://central.sonatype.org/faq/how-to-set-txt-record/

[2]: https://central.sonatype.org/publish/requirements/coordinate...

[3]: https://internals.rust-lang.org/t/pre-rfc-formal-squatting-p...

[4]: https://blog.sonatype.com/this-week-in-malware-may-13th-edit...

Join us for AI Startup School this June 16-17 in San Francisco!
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact