Episode 266 – PowerScripting Podcast – Matt Wrock from Microsoft on BoxStarter
Listen to this Episode
Audio available
A Podcast about Windows PowerShell. Listen:
**
**
In This Episode
Tonight on the PowerScripting Podcast, we talk to Matt Wrock about BoxStarter
News
The [Chicago PowerShell User Group](http://www.eventbrite.com/e/chicago-powershell-user-group-kick-off-meeting-tickets-11253558697?aff=es2&rank=9) is meeting May 8th
Interview
Guest - Matt Wrock
Links
[http://boxstarter.org/](http://boxstarter.org/)
[http://chocolatey.org/](http://chocolatey.org/)
[Nuget Package Explorer](http://npe.codeplex.com/)
[http://www.myget.org/](http://www.myget.org/)
[ProGet](http://inedo.com/proget/overview)
[Matt interviewed on Runas Radio #355](http://runasradio.com/?nomobile=1&ShowNum=355)
[Getting started with Boxstarter](http://boxstarter.org/WebLauncher)
[http://boxstarter.org/package/nr/astley](http://boxstarter.org/package/nr/astley)
Chatroom Highlights:
[22:43:30] FWIW, my 2c: I think a “moderated” feed (where you just trust the core chocolatey team to review packages, instead of trusting all the authors) is the answer to “trust” – the idea being the core team says that yes, this module just downloads and installs “the real product” that it claims to.
Have you heard rumors that chocolatey may move away from nuget?
Are you involved in the chocolatey community at all?
Are you (un)happy/neutral that Chocolatey has moved their lib/install folders to C:\ProgramData
Are you (un)happy/neutral about the idea of expecting users to be “elevated” when running cinst?
Does that mean boxstarter only works on machines that have access to the public internet? <– I know it does, just want to bring it up
What do you think about a “Moderated” feed like NuGet has for Microsoft
Isn’t virus scanning the package mostly useless, since the package is just a script that downloads from the web? Would you guarantee that the install.ps1 can’t download anything without scanning it?
Assuming that malicious code does make it into Chocolatey, what’s the response? API keys revoked, packages taken offline, etc? How fast would that happen?
if you use LastPass check out this tool http://blog.lastpass.com/2014/04/lastpass-now-checks-if-your-sites-are.html
http://www.atlantaallergy.com/pollenCount.aspx
http://www.nwasthma.com/pollen/pollen-count
http://runasradio.com/?nomobile=1&ShowNum=355
Downloading SublimeText3 64 bit (http://c758482.r82.cf2.rackcdn.com/Sublime%20Text%20Build%203059%20x64%20Setup.exe
halr9000: http://c758482.r82.cf2.rackcdn.com/Sublime%20Text%202.0.2%20x64%20Setup.exe <– that’s the “official” download link.
http://inedo.com/proget/overview
Sorry, yeah, http://c758482.r82.cf2.rackcdn.com/Sublime%20Text%20Build%203059%20x64%20Setup.exe my point is that your url was the official one
http://boxstarter.org/WebLauncher
http://www.boxstarter.org/VMIntegration
e.g. http://boxstarter.org/package/nr/firefox
http://boxstarter.org/package/nr/rickroll
http://boxstarter.org/WebLauncher has links to the firefox and chrome click once extensions at the end of the page
http://boxstarter.org/package/astley
The Question -
- Superhero - Professor Time