| ▲ | criemen 6 days ago | |
> Maybe those tools should explicitly confirm executing every external command This wouldn't work - it's not external commands that's the problem, it's arbitrary code that's being executed. That code has access to all regular system APIs/syscalls, so there's no way of explicitly confirming external commands. Python/pip suffers the same problem btw, so I think that ship has sailed. | ||
| ▲ | Philpax 6 days ago | parent | next [-] | |
Rust is investigating using sandboxed WASM for proc macros, but it'll be some time before there's any movement there: https://github.com/rust-lang/compiler-team/issues/876 | ||
| ▲ | codedokode 6 days ago | parent | prev [-] | |
Then explicitly confirming running every hook with displaying module and function name. > Python/pip suffers the same problem btw, so I think that ship has sailed. If I ever find time to write a package manager for C, it won't support hooks. | ||