zkat / npx

execute npm package binaries (moved)
https://github.com/npm/npx

Warning or confirmation on Gist/Git URL commands #65

Closed timdorr closed 7 years ago

timdorr commented 7 years ago

Since there's a much greater chance of bad actors in environments you don't directly control (i.e., not npm), I think there should be some sort of warning message or confirmation step when using a URL-based command. Just a quick sanity check to make sure people don't install something nasty.

Thoughts on this? If there's interest, I can work up a PR.

zkat commented 7 years ago

I'm gonna close this in favor of #66 because it's more specific and I want to look at that approach closer.