Writing CLI tools with Node

Writing CLI tools with Node

My personal notes are available at http://cl.ly/bbcA/BuildingaCLItoolwithNode.pdf

Important points I prepared for the talk, but missed:
- npm can be creepy: no software signing, no sandbox, lousy chain of trust
- npm install as dangerous as curl foo | sh due to no sandboxing
- no whitelist prior authorization / permission system to access mic, camera, file-system, etc, as in the browser. Everything granted to the user is granted to the process.
- Windows does not support sending signals.

5733fd332f2a0da11931e0e73ddfb20d?s=128

Henrique Vicente

June 11, 2015
Tweet