Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

To be honest, right now I'm thinking about isolating of build process for frontend on my local environment. It is seems not hard to send my local environment variables like OPENAI_API_KEY or .ssh/* to some remote machine.

I know it is not very different comparing to python or projects in any other language. But I don't feel that I cannot trust node/js community at this point.



Switching to Deno might help. It's sandboxed by default and offers granular escape hatches. So if a script needs access to a specific environment variable or read or write specific files, it's simple to configure that only those accesses are allowed.


Running vite inside a docker container would probably get you what you want


I don't think you even need a container for that type of containment.

You could do it with namespaces.

I think node/whatever-js-run-time/package-manger could allow for namespaced containment for packages with simple modern linux things.

The realms proposal was a step towards that at one time.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: