Comment 3 for bug 1612005
Revision history for this message
| Kyle Fazzari (kyrofa) wrote Re: nodejs and gulp plugins download packages during the build | #3 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
0e1f616
(Get the code!)
Thanks for the reply, Colin. I see where you're coming from, but I also see two problems with it:
1) The floodgates are already open. If someone wants to get around the blockade, all they have to do is use a local plugin that does whatever they want in the pull phase, like so:
http://
2) You're trying to avoid internet access in the build step. But by asking us to "do this in pull instead," you're literally asking us to combine the build and pull step. Which means we have internet access in the build step anyway, but we lose our pull->build-
With these things in mind, it seems to us that blocking internet access in all but the pull step doesn't do much to protect anything, but definitely gets in the way of legitimate use.