npm fails to restrict the actions of malicious npm packages

Overview npm allows packages to take actions that could result in a malicious npm package author to create a worm that spreads across the majority of the npm ecosystem. Description npm is the default package manager for Node.js, which is a runtime environment for developing server-side web...