-
Notifications
You must be signed in to change notification settings - Fork 37
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Include code from a public github repo? #67
Comments
I just tested how to do it. This could work with https://github.com/axios/axios.
Would you appreciate a PR and would you review and comment on it in short time? |
See #68 |
@astridx why have you closed this issue while the PR is still open? |
@Edo78 I know it like this, that an issue is closed when a PR is opened. Here it is like this: https://github.com/joomla/joomla-cms/ for example. |
I'm not sure. I always prefer to have a feedback on the issue from the maintainer. I hope the PR is accepted because it can be really useful even on the very same repository. If I specify a line range and I change the source file the same range could point to a different code but pointing to a specific version can "solve" this issue. |
Same with me. "I always prefer to have a feedback on the issue from the maintainer". But: Since I needed the function for myself and it was already ready, I created the PR. It is also easier for the maintainer to make a decision when he sees the implementation. |
Hi @astridx and @Edo78 , sorry for my silence on this issue, I've been busy with other stuff and forgot about this issue. Unfortunately I do not wish to extend the functionality of this iteration of the tool to include remote file management for a couple of reasons. The main one being that I see this as both a security and consistency risk, if we had more fine grained permission controls with Node.js like we do with Deno, I'd be all for it, however I don't like the potential risks associated with basically uncontrolled fetching of remote data. That said, I can certainly understand the desire for such a feature and would be happy to discuss alternative solutions such as a plugin-like architecture where a user needed to explicitly add separate (optional) dependency to allow for remote file resolution? |
@zakhenry Thank you for your answer. Is it correct that you see the security issue for the offer at https://www.npmjs.com/? |
What's the difference between:
And... All seems a matter of where the request happens? And is the responsibility leaked to users or encapsulated in one program that might have a better chance of applying some safety checks (not that it has to) 😃 |
Thank you for this tool.
Could I write a script that will load the source code from a public github repo? This would be great.
For example something like this:
The text was updated successfully, but these errors were encountered: