[johntash]

> https://depsguard.com if anyone is interested.

I really appreciate that you didn't include a "curl | bash" command to paste for installing, but at the same time it's what I was expecting when I clicked.

I'm pretty sure I saw a comment on HN where the user wrapped all of their npm/pip/etc commands with bubblewrap. I've been thinking of doing something similar and basically just seeing how many of my daily commands I can sandbox. My hunch is that _most_ of them don't need to operate outside the current directory and don't need internet access.

[eranation]

Yeah, I really wanted to avoid anything "| bash"... appreciate you noticed! (although downloading any binary is also risky, I think just making this a standalone python script would be a better idea for the next version)