tonymobily@gmail.com asking for write and publish access #23
Description
Someone has been emailing me from tonymobily@gmail.com asking for write and publish access to the repo and npm module.
I don't even know if I still have access, but in light of recent events, and considering that I don't know the person personally, I've said no - he can PR and we'll review it, and he's persisted that he wants write and publish access.
I just want to document that here because I don't know if it's the real Tony Mobily or not, and it seems that kind of conversation should have come up as an issue first - and I don't see any activity from him here.
My suggestion is that we don't give anyone new access as this is an obvious target for supply chain vulnerability and anyone writing new code should probably be using the path functions available via new URL(), in most cases.