top | item 46036869 (no title) blktiger | 3 months ago Both NPM and Yarn have a way to disable install scripts which everyone should do if at all possible. discuss order hn newest twistedpair|3 months ago Good point, but until many popular packages stop requiring install.sh to operate, you'll still need to allowlist some of them. That is built into the PNPM tooling, luckily :)
twistedpair|3 months ago Good point, but until many popular packages stop requiring install.sh to operate, you'll still need to allowlist some of them. That is built into the PNPM tooling, luckily :)
twistedpair|3 months ago