You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
@janezpodhostnik This is a cool idea. But, one potential issue is that a seemingly harmless URL used by many could eventually be switched to something malicious after gaining trust.
One method we've been exploring to address this is through FLIX and the Dependency Manager. Currently, you can execute a script or transaction using a FLIX from the CLI. This means that these could be encapsulated within a FLIX for execution. We also plan to enable the Dependency Manager to import scripts and transactions from URLs directly into your project for local execution. This would also somewhat address what you're trying to do.
Although, we want to integrate commands for commonly used functions in the near future directly into the CLI, like querying supply, transferring flow, etc. Are there any interactions that you use often, which we should prioritize?
Using any CLI commands comes with a risk and a disclaimer "I know what the commands I am running do". Nothing is stopping you from running "rm -rf /".
While I think the CLI should take some effort to reduce footguns, I also think worrying about the url destination switching on the user over time is not the responsibility of the CLI, but the responsibility of the user.
Description
A lot times I find myself using commands like this:
flow scripts execute <(curl -s "https://raw.githubusercontent.com/onflow/flow-core-contracts/stable-cadence/transactions/flowToken/scripts/get_supply.cdc") -n some_network
It would be nice to support something like this:
flow scripts execute "https://raw.githubusercontent.com/onflow/flow-core-contracts/stable-cadence/transactions/flowToken/scripts/get_supply.cdc" -n some_network
Another potential option is that you would list "sources" in the
flow.json
:and then you could use it like this:
flow scripts execute "core-contracts:transactions/flowToken/scripts/get_supply.cdc" -n some_network
The text was updated successfully, but these errors were encountered: