Sign the lib #66
Description
A few discussions about malicious packages making into NPM has made me think heavily about what I can do to protect against someone trying to push a bad package to NPM.
Signing the lib and signatures of the nuget package may be the best option...