• @SpacingBat3
    link
    1
    edit-2
    1 year ago

    I guess this highly depends on package maintainers, Node already provides funding in package.json for much less invasive funding requests (and that can also be disabled) and you might also block executing the scripts during package instalation which are sometimes used for advertisement. I think this was a lot worse in days NPM didn’t support funding, especially for projects depending on a huge number of dependencies. But I’m not that old Node/JS dev to tell how things were back then in reality.