uhh ya it is. There's also https://github.com/eleijonmarck/do-not-compile-this-code
https://github.com/eleijonmarck/do-not-compile-this-code/blo...
This is true for all third-party libraries. If you blindly download and execute code from the Internet, this is a risk you are assuming.
As I stated above, if you need more security, you can download all the dependencies and build inside an isolated container.
https://github.com/eleijonmarck/do-not-compile-this-code/blo...
This is true for all third-party libraries. If you blindly download and execute code from the Internet, this is a risk you are assuming.
As I stated above, if you need more security, you can download all the dependencies and build inside an isolated container.