“Should I pipe it?”
So, fellow developers, you know how we’re all told not to pipe installation scripts into our shells and yet we all do it anyway? I just rolled a little something that might help with that…
Here’s an example of the nvm install script, verified by yours truly:
https://should-i-pipe.it/https://raw.githubusercontent.com/nvm-sh/nvm/v0.35.3/install.sh
What do you think?
Anyone with a GitHub account can help verify installation scripts (would be good to have two more for nvm).
Instructions: https://github.com/small-tech/should-i-pipe-it/blob/master/README.md
Thoughts? :)
@aral it’s reallly cool. I always thought something like a sandbox a script could run in, and report all the changes a script actually does. wouldn’t replace human verifiers, and a report would be just as easy to hide malicious trickery in as a script. something satisfying about the idea of a “dry run” though. maybe a script like nvm mucks up my path in ways i don’t want and i’d like to know about it.
Server run by the main developers of the project 
It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!