Y
Hacker News
new
|
ask
|
show
|
jobs
by
theodorejb
232 days ago
Bun also doesn't execute lifestyle scripts by default, except for a customizable whitelist of trusted dependencies:
https://bun.com/docs/guides/install/trusted
1 comments
codedokode
232 days ago
"Trusted" dependencies are poor solution, the good solution is either never run scripts, or run them inside qemu.
link