←back to thread

Less is safer: How Obsidian reduces the risk of supply chain attacks

(obsidian.md)
429 points saeedesmaili | 1 comments | 19 Sep 25 22:02 UTC | HN request time: 0.398s | source
Show context
xenator ◴[20 Sep 25 05:17 UTC] No.45310610[source]
To be honest, right now I'm thinking about isolating of build process for frontend on my local environment. It is seems not hard to send my local environment variables like OPENAI_API_KEY or .ssh/* to some remote machine.

I know it is not very different comparing to python or projects in any other language. But I don't feel that I cannot trust node/js community at this point.

replies(2): >>45310887 #>>45311509 #
1. mark_and_sweep ◴[20 Sep 25 08:24 UTC] No.45311509[source]
Switching to Deno might help. It's sandboxed by default and offers granular escape hatches. So if a script needs access to a specific environment variable or read or write specific files, it's simple to configure that only those accesses are allowed.