Just brain storming... could another possible solution be to create a public list of hashes of well known scripts, and then write a small `sh` wrapper that verifies that hash of the script it's about to execute?
You shouldn't always trust even 'trusted' scripts due to the potential for various types of man in the middle attacks. True, though, that with all things being equal some scripts are more trustworthy than others, but if you're on a compromised network then you can't trust any.
I don't think that node is bad, but it's simply another dependency you have to worry about. Most devs likely won't have node pre-installed. Having a no-dependency binary is a great thing.
Because if you are not developing in node, and don't have any other node based software, yet another runtime, its package manager(s), and dependencies are unwanted additions to a system.
Node is great, and a port of jq to node would be awesome (someone once hinted at such a port, but I've lost track of it).
But jq also has libjq, a C library. And jq uses a copy-on-write, reference counted representation of JSON values, which is, for example, inherently thread-safe (though jq isn't using atomic operations for refcount management yet). The library is easy to use and powerful.
Ultimately the main thing I love about jq (and why I contribute to it) is the jq language itself. It reminds me of my one-time favorite, Icon. But in a world where C is still the champion of systems programming (until Rust takes over?), it's real handy to have a C JSON library _and_ a functional DSL that's easy to invoke from C.
He's not bothered - it's an experiment for both of us. If it works out then I'll see him right, but there's no point in hashing out some lengthy agreement if it doesn't bring in the bucks.
When I used to work on windows I created a little AutoHotKey script that remapped my keyboard when ever the capslock key was on:
https://github.com/xavi-/Keyboard-Remapper
It mapped I,J,K,L to the arrow keys, U to the home key, O to the end key, N to backspace, M into the del, and etc... Did wonders for my wrists.
This is certainly not everything they know about you. This is part of their initiative to be not-evil, it’s called Data Liberation Front[1]. In their own words:
> Loyalty, not lock-in. We firmly believe you control your data, so we have a team of engineers whose only goal is to help you take your information with you. [2]
It’s absolutely terrific that they have something like this. Many others had to be dragged there kicking and screaming.
However, this is just not relevant to the topic at hand. This is “your data”, the data that you deliberately created, rather than revealed accidentally. The point of the project is to avoid vendor lock-in, rather than to protect your privacy.
If you’re EU resident, you should be able to just write to them and they have to reveal everything they have on you. And that list will be entirely different from this.
