> It may take distributors some time - or years - to figure how and why they
> want to package Electron apps, but it will happen eventually due to user
> demand.
Electron apps package NodeJS code. npm downloads NodeJS code directly from
GitHub, typically from hundreds of individual GitHub accounts. This subjects
users to the danger of some of these accounts to go rogue and deliver malware
to them, since NodeJS technology doesn't have any safeguards against this and
such unsafe behavior is done rather by its design, there's little chance that
major packaging systems would adopt them. You can see that the Atom editor for
example isn't packaged by Debian or any RPM packaging systems
(https://repology.org/project/atom/versions). They can't subject their users to
such dangers, and they shouldn't.
Perhaps Electron can be used w/out NodeJS, but it brands itself as ElectronJS,
and your project too has the npm part in it.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/tim-janik/beast/issues/132#issuecomment-560142938
_______________________________________________
beast mailing list
beast@gnome.org
https://mail.gnome.org/mailman/listinfo/beast
