2 changes: 2 additions & 0 deletions README.md
Expand Up @@ -478,6 +478,8 @@ examples/

## Development
> **Note:** This project uses [Bun](https://bun.sh) as its package manager. Install Bun first: https://bun.sh/docs/installation
> **Note:** If you encounter execution policy or permission errors during setup, open your terminal as an Administrator (Windows) or use `sudo` before running commands (Mac/Linux).

Comment on lines +481 to +482

🔒 Security & Privacy | 🟠 Major | ⚡ Quick win

Avoid recommending `sudo` for package manager commands.

Recommending `sudo` before `bun install` or similar commands is an anti-pattern that creates root-owned files in user directories, leading to cascading permission issues and potential security risks. Users who installed Bun via `curl | sudo bash` or have directory ownership misconfigurations will compound the problem.

Replace with targeted troubleshooting:

  • Verify Bun was installed for the current user (not system-wide via root).
  • Check directory ownership with `ls -la` and fix with `chown -R $(whoami) .` if needed.
  • On Windows, suggest checking execution policy with `Get-ExecutionPolicy` / `Set-ExecutionPolicy RemoteSigned -Scope CurrentUser` rather than blanket Administrator elevation.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@README.md` around lines 481 - 482, The setup note recommends using sudo for
Mac/Linux, which should be removed because it can create root-owned files and
permission issues. Update the README guidance in the note near the setup
instructions to avoid blanket sudo/Administrator advice and instead point users
to Bun user-install verification, ownership checks with chown, and Windows
execution policy troubleshooting using Get-ExecutionPolicy and
Set-ExecutionPolicy RemoteSigned -Scope CurrentUser.


```bash
bun install
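
Review bot: The note added at +482 answers any "execution policy or permission errors" with blanket elevation (Administrator on Windows, `sudo` on Mac/Linux), so the `bun install` that follows would run with full privileges and write root-owned files into the checkout. Drop the line, or replace it with guidance to identify which path or policy is failing and fix that for the current user. Separately, the two `> **Note:**` lines at +481 and +482 are adjacent with no empty `>` line between them, so Markdown renders them as a single run-on blockquote paragraph; add an empty `>` line between them.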