These are chat archives for chocolatey/chocolatey-oneget

23rd
Oct 2015
Roman Plášil
@Quiark
Oct 23 2015 01:37
hi, what is the security model of Chocolatey? Is there some way to review the install script before running it? To see what it downloads and so on...
Rob Reynolds
@ferventcoder
Oct 23 2015 01:40
@Quiark wrong room, but to answer your question - by default choco asks you to review the install script
Similar to apt-get or yum, you can use -y to bypass that when you are comfortable. Choco also has --whatif|--noop to see what would have happened without any state change
@Quiark does that answer your questions? I have more for you at https://github.com/chocolatey/choco/wiki/Security
Roman Plášil
@Quiark
Oct 23 2015 01:46
:+1: actually I'm trying to use choco provider for oneget. It didn't ask to review the script, only if I really want to install it
Rob Reynolds
@ferventcoder
Oct 23 2015 01:48
It doesn't- that's correct. The model for oneget is different than choco