[dozzie]

Which is as terrible idea. You have some code deployed, and suddenly this code downloads random things from internets without any control whatsoever.

Even worse if the application was deployed behind firewall and can't access internet freely.

[leichtgewicht]

It is definitely a bad idea when working on a server, but for a cli tool or some editor that might install it anyways it could be arguably worth a try.

[dozzie]

It's JavaScript. If you make any thing that's merely silly in command line tools, it will end up being adopted where it's a terribly stupid idea.

Plugins are plugins and dependencies are dependencies. Don't mix them up.