@jakub@jirutka.cz
@jakub@jirutka.cz avatar

jakub

@jakub@jirutka.cz

System engineer and software developer based in Prague, AlpineLinux developer, open-source enthusiast, fan of technologies, science, movies. My opinions only!

This profile is from a federated server and may be incomplete. Browse more on the original instance.

jakub, to security
@jakub@jirutka.cz avatar

I noticed that #Zed automatically downloads a NodeJS binary from nodejs.org without asking or even informing the user about it. Right after starting it and opening a file, without doing anything else. Then it installs some packages from npmjs via npm. And there’s no option to disable it.

THIS IS ABSOLUTELY UNACCEPTABLE! I can’t stress enough how bad this is from #security point of view. And not just that, consider users on metered connections

#ZedEditor #cybersec #Rust
https://github.com/zed-industries/zed/issues/12589

  • All
  • Subscribed
  • Moderated
  • Favorites
  • JUstTest
  • InstantRegret
  • mdbf
  • ethstaker
  • magazineikmin
  • cubers
  • rosin
  • thenastyranch
  • Youngstown
  • osvaldo12
  • slotface
  • khanakhh
  • kavyap
  • DreamBathrooms
  • provamag3
  • Durango
  • everett
  • tacticalgear
  • modclub
  • anitta
  • cisconetworking
  • tester
  • ngwrru68w68
  • GTA5RPClips
  • normalnudes
  • megavids
  • Leos
  • lostlight
  • All magazines
    •