Turns out "let me just npm install real quick" was a security incident the whole time
v12 is making dependency install scripts opt-in. I helped build it. You're welcome/I'm sorry.
github.blog/changelog/20...
Our next npm major version, v12, introduces security-related default changes to npm install. All these changes are available behind warnings in npm today on 11.16.0 or newer, so you can…
