|
|
|
|
|
|
by notnullorvoid
35 days ago
|
|
|
I said limit post install, not remove them. Having an allow list in package.json of packages which can run post install would work fine. Pnpm already does this. Having said that I'm not against full on removal of post install either. It would get more pushback, but would still be possible for people to manually run the post install for the few packages that require it, or to add them as a script in package.json. |
|
|