Remember approved installer scripts to simplify package upgrades

[Iiridayn]

Arch Linux has a similar user managed package installer, and resultant similar security considerations. One feature which I've rather liked in pacaur (huh, maintainer just recently dropped it) is that it remembers which PKGBUILD scripts I've already approved. If the script hasn't changed, it continues without asking if I'd like to review it (since I've already seen it and approved), and if the script has changed, it shows me just the differences which have changed to review and approve. This saves me quite a bit of time when updating packages, without reducing security in any appreciable degree (yes, might see something on the second pass, but are more likely to carefully review the first pass if confident it is the first pass - so maybe slightly increases security).

Please add this time saving feature to choco:

• remember approved install scripts
• if unchanged, proceed without asking by default (or at least have a flag/option to enable this)
• if changed, show only the diff to approve (something like diff -u w/default 5 lines of context should be good)

Thank you for providing a real package manager for Windows applications.

[ferventcoder]

Hi @Iiridayn, I definitely like this feature!

I'm unsure where it might fall in our priority matrix, so I'm going to mark this as "Up For Grabs" for contributors to look at implementing. When we get closer we might split this to several tickets as there are different pieces in here that can provide value on their own.