It'll always be a cat-and-mouse game. If npm adds protections, it'll only yield false-positives and workarounds will be trivial.

Almost all these recent compromises seem to involve either cache poisoning or prompt injection via untrusted variables.

Python had these too, no ecosystem is safe.

I think it's just a case of brain drain, followed by reckless AI adoption which both drove the quality down.

All those forks turned out to be inferior projects with substantially less contributions than the originals.

It's definitely helpful to know whether a PR was AI-assisted or not and the git attribution line is a simple and effective way of communicating that.

I also recommend specifying model name and version so the maintainer knows upfront the level of slop they are dealing with.

I'm going even simpler, just bare docker with a idempotent bash wrapper.

I hope Node eventually gets a WebSocket server like Bun has.

Problem with Go is the type system is rudimentary, so you can't "restrict" AIs as well as you could in Typescript.

https://www.typescriptlang.org/tsconfig/#erasableSyntaxOnly covers them all, I strongly recommend running with that option enabled to be future-proof.