
https://mastodon.social/users/Migueldeicaza/statuses/116177892634272296

FWIW I don't think we're doomed, but I do think that all package managers and the ecosystems around them could be made much safer and more robust with a modest set of safe defaults. Defaulting to 7-day cooldowns, and this problem barely exists. If human intervention is required if deps/postinstall scripts change? With that defaulted to on, this problem doesn't exist at all.

This is clean running water and washing our hands with soap territory, it's the fundamentals.

mastodon.social/@Migueldeicaza
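The two defaults the post argues for, a 7-day cooldown before a newly published version is eligible for automatic installation and a human-approval gate when install-time scripts or dependency edges change between versions, as an added example in Python (not code from the post's author or from any package manager). The registry metadata is constructed inline and its field names (`time`, `versions`, `scripts`, `dependencies`) follow the shape of an npm registry document as an assumption; package names, versions and dates are made up.

```python
"""Cooldown + install-script gate for dependency updates (illustrative policy check)."""
import math
from datetime import datetime, timedelta, timezone

COOLDOWN = timedelta(days=7)
# Lifecycle hooks that execute arbitrary code at install time (assumed npm-style names).
INSTALL_HOOKS = ("preinstall", "install", "postinstall")

# Constructed sample registry metadata (not real packages). `time` maps version ->
# publish timestamp; `versions` maps version -> manifest, as in an npm registry document.
REGISTRY = {
    "example-colors": {
        "time": {
            "1.4.0": "2024-03-01T10:00:00Z",
            "1.4.1": "2024-03-28T09:30:00Z",  # published ~2 days before NOW
        },
        "versions": {
            "1.4.0": {"scripts": {"test": "node test.js"}, "dependencies": {}},
            "1.4.1": {
                "scripts": {"test": "node test.js", "postinstall": "node ./lib/setup.js"},
                "dependencies": {"example-net": "^2.0.0"},
            },
        },
    },
    "example-util": {
        "time": {
            "3.0.0": "2024-01-10T00:00:00Z",
            "3.0.1": "2024-03-10T00:00:00Z",  # published 20 days before NOW
        },
        "versions": {
            "3.0.0": {"scripts": {}, "dependencies": {"example-base": "^1.0.0"}},
            "3.0.1": {"scripts": {}, "dependencies": {"example-base": "^1.0.0"}},
        },
    },
}

# Fixed "current time" so the example is deterministic offline (constructed).
NOW = datetime(2024, 3, 30, 12, 0, tzinfo=timezone.utc)


def parse_ts(value):
    """Parse an ISO-8601 UTC timestamp with a trailing 'Z' into an aware datetime."""
    return datetime.fromisoformat(value.replace("Z", "+00:00"))


def cooldown_remaining(meta, version, now=NOW, cooldown=COOLDOWN):
    """Time left before `version` is old enough to auto-install (<= 0 means eligible)."""
    return cooldown - (now - parse_ts(meta["time"][version]))


def manifest_changes(old, new):
    """Reasons that warrant a human look: install hooks or dependency edges differ."""
    reasons = []
    old_s, new_s = old.get("scripts", {}), new.get("scripts", {})
    for hook in INSTALL_HOOKS:
        if old_s.get(hook) != new_s.get(hook):
            reasons.append(f"{hook} script changed: {old_s.get(hook)!r} -> {new_s.get(hook)!r}")
    old_d, new_d = old.get("dependencies", {}), new.get("dependencies", {})
    for dep in sorted(set(old_d) | set(new_d)):
        if old_d.get(dep) != new_d.get(dep):
            reasons.append(f"dependency {dep}: {old_d.get(dep)!r} -> {new_d.get(dep)!r}")
    return reasons


def evaluate_update(name, from_version, to_version, registry=REGISTRY, now=NOW):
    """Decide 'hold' (still in cooldown), 'needs_human' (risky diff) or 'auto'."""
    meta = registry[name]
    remaining = cooldown_remaining(meta, to_version, now)
    if remaining > timedelta(0):
        days_left = math.ceil(remaining.total_seconds() / 86400)
        return "hold", [f"{name}@{to_version} is inside the cooldown window; {days_left}d left"]
    changes = manifest_changes(meta["versions"][from_version], meta["versions"][to_version])
    if changes:
        return "needs_human", changes
    return "auto", []


if __name__ == "__main__":
    for pkg, old, new in (("example-colors", "1.4.0", "1.4.1"), ("example-util", "3.0.0", "3.0.1")):
        decision, reasons = evaluate_update(pkg, old, new)
        print(f"{pkg} {old} -> {new}: {decision}")
        for r in reasons:
            print("   ", r)
```

Run as-is, the fresh `example-colors` release is held by the cooldown, while the three-week-old `example-util` patch with an identical manifest goes through automatically. Re-running the same `example-colors` evaluation with a `now` ten days later shows the second gate: the version is past the cooldown, but the new `postinstall` hook and the new dependency edge route it to a person instead of installing silently.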
