What if we could verify NPM packages? | Dark Hacker News