Good article. This is what I was excited about the first time I heard about Deno before I eventually learned what Deno's sandboxing model actually was. I'm not sure this is the exact proposal I would want, but I do want something vaguely like scopes or capabilities in Node, and even if it wasn't perfect I think it would go a long way towards mitigating at least some of the current risk in the ecosystem.
Also agreed that for all their use, it would have been better in the long run if install scripts had never existed. It's not just that they're a security vulnerability, they also get in the way of vendoring code, and can introduce additional non-JS dependencies and errors on other systems/platforms. Again, not to say that they don't have any use, I get why they're there. I just wonder if the benefits are worth the downsides.
Also agreed that for all their use, it would have been better in the long run if install scripts had never existed. It's not just that they're a security vulnerability, they also get in the way of vendoring code, and can introduce additional non-JS dependencies and errors on other systems/platforms. Again, not to say that they don't have any use, I get why they're there. I just wonder if the benefits are worth the downsides.