On 6 October 2011 06:34, Phillip Gawlowski <cmdjackryan / gmail.com> wrote: > On Thu, Oct 6, 2011 at 3:19 PM, Regis d'Aubarede > <regis.aubarede / gmail.com> wrote: >> or I can do that at the beginning of my script : >> >> def my_require(gem,pack=nil) require gem >> rescue Exception => e >> puts "loading #{pack||gem} fromnternet ..." >> system("gem install #{pack||gem} --no-ri --no-rdoc") ; >> require gem >> end > > Breaks if the user account doesn't have write permissions to the gem > installation directory. > > Also: Who the hell do you think you are that you think you are allowed > to futz around with my OS during your script's runtime? What you are > doing *screams* malware behaviour (connecting to the internet and > downloading code; nobody can guarantee that you haven't done a > system("gem sources -a http://malicious.url") somewhere in there). > > If you are unable or unwilling to bundle your dependencies into one > package, that's very much _your_ problem: You can build a custom > RubyInstaller for Windows and include your dependencies, and for *NIX > you can create a tarball for distribution that includes your > dependencies. Heck, the latter works for Windows, too, if you don't > include native extensions. If you're worried about malware then I don't see how running someone's custom installer is any safer than running some script. Arguably, with the script you at least have a chance to look at what it's doing.