efortis 3 days ago

Yes, at the end of that blog there are two options for that:

  npm install --ignore-scripts=false package-i-trust

Or, trigger the installation script:

  node node_modules/puppeteer/install.js

wrs 3 days ago

The pnpm version of this is persistent. You approve the package once, and regular install works thereafter. Which is nice.

DemocracyFTW2 3 days ago

Is that permission tied to a specific version with a specific fingerprint/hash? Because if it's not, then you could still get a surprise come the next update...

wrs 2 days ago

It is by package name, but at least you won't be surprised when left-pad suddenly has an install script.

You can put a fingerprint on the package dependency itself, though, so if you add a fingerprint to anything you approve the install script for, you will get that level of safety.
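
Added example, not part of the thread and not code from npm or pnpm: a Node.js audit that lists installed packages declaring install-time hooks unless they are approved as an exact `name@version`, which is the version-pinned approval asked about above. The function names, the allowlist format and the sample package versions are hypothetical, and it assumes an npm-style `node_modules` tree of real directories rather than symlinks.

```javascript
const fs = require("node:fs");
const os = require("node:os");
const path = require("node:path");

const INSTALL_HOOKS = ["preinstall", "install", "postinstall"];

// Package directories directly under one node_modules folder (handles @scope/name).
function packageDirs(nodeModules) {
  const dirs = [];
  for (const entry of fs.readdirSync(nodeModules, { withFileTypes: true })) {
    if (!entry.isDirectory() || entry.name.startsWith(".")) continue;
    const full = path.join(nodeModules, entry.name);
    if (!entry.name.startsWith("@")) dirs.push(full);
    else for (const sub of fs.readdirSync(full)) dirs.push(path.join(full, sub));
  }
  return dirs;
}

// Packages that declare install-time hooks and are not approved as name@version.
function unapprovedInstallScripts(nodeModules, approved) {
  const findings = [];
  for (const dir of packageDirs(nodeModules)) {
    const manifest = path.join(dir, "package.json");
    if (!fs.existsSync(manifest)) continue;
    const pkg = JSON.parse(fs.readFileSync(manifest, "utf8"));
    const hooks = INSTALL_HOOKS.filter((h) => pkg.scripts && pkg.scripts[h]);
    const id = `${pkg.name}@${pkg.version}`;
    // A name-only allowlist would pass any future version; this one does not.
    if (hooks.length > 0 && !approved.has(id)) findings.push({ id, hooks });
    // Nested dependencies live in the package's own node_modules.
    const nested = path.join(dir, "node_modules");
    if (fs.existsSync(nested)) findings.push(...unapprovedInstallScripts(nested, approved));
  }
  return findings;
}

// Constructed sample tree (names and versions are made up for the demonstration).
function buildSampleTree() {
  const root = fs.mkdtempSync(path.join(os.tmpdir(), "audit-"));
  const write = (rel, pkg) => {
    const dir = path.join(root, "node_modules", rel);
    fs.mkdirSync(dir, { recursive: true });
    fs.writeFileSync(path.join(dir, "package.json"), JSON.stringify(pkg));
  };
  write("puppeteer", { name: "puppeteer", version: "1.0.0", scripts: { install: "node install.js" } });
  write("puppeteer/node_modules/helper", { name: "helper", version: "0.1.0", scripts: { preinstall: "node pre.js" } });
  write("left-pad", { name: "left-pad", version: "1.3.1", scripts: { postinstall: "node x.js" } });
  write("@scope/quiet", { name: "@scope/quiet", version: "2.0.0", scripts: { test: "true" } });
  return path.join(root, "node_modules");
}
```

Run it in CI before the step that enables scripts for trusted packages, and fail the build when the returned list is not empty.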