Speaker Deck

Writing CLI tools with Node

by Henrique Vicente

Published June 11, 2015 in Programming

My personal notes are available at http://cl.ly/bbcA/BuildingaCLItoolwithNode.pdf

Important points I prepared for the talk, but missed:
- npm can be creepy: no software signing, no sandbox, lousy chain of trust
- npm install as dangerous as curl foo | sh due to no sandboxing
- no whitelist prior authorization / permission system to access mic, camera, file-system, etc, as in the browser. Everything granted to the user is granted to the process.
- Windows does not support sending signals.