I’m not particularly into either npm (the JavaScript dependency library and installer) or cryptocoins (approximately “Bitcoins”), but I was talking some fellow WordPress developers and this pretty interesting and complex security story came up. The summary is this: