I know, but the reputation part doesn't solve the hacked part, hence my comment :)
As nostr:nprofile1qqsprwdgjszdhucrfelp3p46nhzvd5mk7gu6zxp8r0fwc4n63zv9pnspz3mhxue69uhhwmm59ehx7um5wghxuet59ucq863l mentioned, zapstore is a much better implementation of this because it's higher up in the food chain. Here you have layers, so maybe the author of the lib you are using has a high rep score with the author of the lib that his lib was using, but not with you. The problem is that a tiny lib is not a finalized product, so you can have multiple layers of reputation/trust in between; it's not very informative at that point.
Replies (3)
Did someone jack the devs' keys? Or was it someone playing a long game (where reputation may help more)?
Do it for agents! That's where we have J-curve potential. The new app store is cool and I'm a huge fan of nostr:nprofile1qyghwumn8ghj7mn0wd68ytnvv9hxgtcqypex583xrnryw3n5aq59uw23kwa38xlf5aeart85nhyx3kuxrgwpzjh056v & nostr:nprofile1qy2hwumn8ghj7un9d3shjtnyv9kh2uewd9hj7qghwaehxw309aex2mrp0yhxummnw3ezucnpdejz7qpq0r8xl2njyepcw2zwv3a6dyufj4e4ajx86hz6v4ehu4gnpupxxp7s85uvay, but building for agents has way more mainstream potential imo.
The initial step of this recent wave of npm hacks started with Qix being hacked, then another dev, so it was not a long-term infiltration like the xz utils attack last year: https://socket.dev/blog/npm-author-qix-compromised-in-major-supply-chain-attack
The agent marketplace is indeed interesting.
I don't see how it would fix the npm problem though, I second what aljaz and Justin said.