This is a really good point. Most of my deploys go via GitHub Actions these days and it's not easy for me to deploy manually should I need to when Actions is unavailable - I should fix that!

At a guess I would say probably using OCLP - https://github.com/dortania/OpenCore-Legacy-Patcher - lots of life left in old Mac’s using that tool !

Here's my `npm` command these days. It reduces the attack surface drastically.

  alias npm='docker run --rm -it -v ${PWD}:${PWD} --net=host --workdir=${PWD} node:25-bookworm-slim npm'

  - No access to my env vars
  - No access to anything outside my current directory (usually a JS project).
  - No access to my .bashrc or other files.

Ref: https://ashishb.net/programming/run-tools-inside-docker/

Are there any of these types actually created yet?

I think someone needs to let bill gates know about this video. It's very promising and well planned and it really just needs a minimal investment.

Also someone needs to write this stuff up into an engaging article. It's hard to spread the word with an hour long video.