While it can help first-time developers avoid a bounce, the use of only-allow with npx also means this does not work on boxes which do not have internet access, most notably internal CI boxes. Since there are alternative ways to solve the first-user flow (documentation, the fact that all package managers flag up the fact that you are using a different manager than the lock file in the repo, etc.), this removes this entirely.
While it can help first-time developers avoid a bounce, the use of
only-allow
withnpx
also means this does not work on boxes which do not have internet access, most notably internal CI boxes. Since there are alternative ways to solve the first-user flow (documentation, the fact that all package managers flag up the fact that you are using a different manager than the lock file in the repo, etc.), this removes this entirely.Fixes #90. Alternative to #93.