Jails seems (to me) the most attractive feature in this package manager.
It's not feasible to believe we can just disable post-install scripts since so many older packages rely on these. Having them contained to avoid dubious scripts seems like the next best solution.
aube was about 30% slower than pnpm in my testing on our hundreds-of-dependencies monorepo, but I'm giving it time and keeping a testing branch around. (hi jdx yes I am that guy.) Honestly this speaks to how good pnpm is more than saying aube can't get there.
I'm still opening pnpm-behavior bug reports against aube daily (boo) but they are getting fixed very quickly (yay). I'm really looking forward to seeing if it's worth rolling out once he catches up with the long tail of subtle behaviors we rely on.
Again, pnpm sets a high bar, so even if aube ends up getting faster, it's not a sure thing.
It's not feasible to believe we can just disable post-install scripts since so many older packages rely on these. Having them contained to avoid dubious scripts seems like the next best solution.