I am a no to passing arguments, the use-case is really about doing some extra tasks for the current environment.
I am also a 'no' to prompting the user for permission, this shortly becomes a permission list of which plugins can and can't run scripts, or do we ask this every time? We definitely need to post our policies for plugins. ie.something like npmjs.org posts [1] We may want to not allow auto publishing of any plugin that uses these scripts, and have one of us look at it quickly to make sure it is not evil. [1] https://www.npmjs.org/doc/misc/npm-disputes.html ( the exceptions section ) @purplecabbage risingj.com On Wed, Mar 5, 2014 at 11:21 AM, Andrew Grieve <agri...@chromium.org> wrote: > Not sure passing through command-line arguments is feasible for dependent > plugins. Maybe have the scripts get their args from environment variables? > > > On Wed, Mar 5, 2014 at 12:59 PM, Jonathan Bond-Caron < > jbo...@gdesolutions.com> wrote: > > > On Wed Mar 5 12:00 PM, Marcel Kinard wrote: > > > In that case (i.e., "npm test") the user is explicitly invoking the > > > script. If we are > > > talking about hooks that run automatically on > > > "cordova plugin add", then it is > > > implicit. How about if the cli > > > prompted the user when a hook request is present > > > such as "plugin > > > foobar wants to run the script xyz. Do you grant permission for it > > > to > > > do so?" Perhaps plugman could have an --accept-scripts parm that > > > granted > > > permission to all such requests to prevent prompting? > > > > Could run scripts in a 'sandbox' of some sort... > > http://nodejs.org/api/vm.html > > > > Might be a little safer and less chaotic in terms of what scripts can > > install, that way uninstall() can cleanly do its job. > > > > >
