On Monday, 27 October 2014 at 03:00:50 UTC, Ola Fosheim Grøstad
wrote:
On Monday, 27 October 2014 at 02:33:18 UTC, Tofu Ninja wrote:
Cons:
Could degrade perceived quality of stdlib if bad dub packages
got in.
Bad for security.
My response to that is that any library you ever download is bad
for security (including dmd and phobos). We need to draw the line
somewhere for things we trust and things we don't trust,
personally I draw the line where it best suits me to get things
done. If giving up some small about of security allowed me to
automatically integrate dub packages into my projects, I would
happily give it up. :)
Also it is why I suggested that it could be policed.
