Can it be done via cli or bunfig ?
#How does one disable the default trustedDependencies ?
silent patrol
terse scaffold
Can it be done via cli or bunfig ?
Of you add the that to package.json, it should ignore the default list and only your specified ones (I.e. [] for none)
//package.json
"trustedDependencies": []
silent patrol
That does not make sense. Will the following only trust protobuf and none in the default list ?
"trustedDependencies": [
"protobufjs",
]
Like is @bufbuild/buf trusted ? Which is in the default list (https://github.com/oven-sh/bun/blob/main/src/install/default-trusted-dependencies.txt)
silent patrol
So if nothing is added to package.json, then bun trusts all those 367 packages, but if I add one to package.json then none of them are trusted ?
terse scaffold
That does not make sense. Will the following only trust protobuf and none in the...
note that package has a useless postinstall
bun only shows the output if its an error
so if u enable it, you are only slowing down install speeds for no use
terse scaffold
So if nothing is added to package.json, then bun trusts all those 367 packages, ...
yeah smth like that, but u rarely use more than a few of them
silent patrol
If nothing is added to package.json, then bun trusts all those 367 packages.
If I add one to my package.json, does bun trust only that one package, or those 367 plus one ?
terse scaffold
just the one
but trust in this context, is only for running postinstall scripts, nothing else is being effected
silent patrol
That's ok. I was concerned that the two list may be getting concatenated instead of overriding it.