top | item 43486216

(no title)

jrmann100 | 11 months ago

I believe the Deno permission system[0] does what you're asking, and more.

(Deno is a JavaScript runtime co-created by Ryan Dahl, who created Node.js - see his talk "10 Things I Regret About Node.js"[1] for more of his motivations in designing it.)

[0] https://docs.deno.com/runtime/fundamentals/security/

[1] https://www.youtube.com/watch?v=M3BM9TB-8yA

discuss

DimmieMan|11 months ago

Yes, explicitly asking you if you want to run the install script is the first warning (which pnpm can do too)

Then would halt due to file access or network permissions.

Could still get you if you lazily allow all everywhere though and this is why you shouldn’t do that.

simlevesque|11 months ago

Yes and you can run almost every npm packages:

  deno run npm:@angular/cli --help