Where Sharp Apps can also be published to Gists where they can be run on-the-fly without installation, they're always up-to-date, have tiny footprints are fast to download and launch that can also run locally, off-line and cross-platform across Windows, macOS and Linux OS's.
YouTube demo: https://youtu.be/FlKeaav0gt8
Is it really safe that these gists are "always up to date", meaning they can be updated without you necessarily being informed.
Essentially this is a `pad-left` situation all over again - micromodules controlled by other people can be deleted or changed at any time, and some of these micromodules may become very widely distributed and relied upon.
So you have the flexibility of both options :
web open App # downloads and runs latest version
web run App # runs local offline version
Yes the sandbox is the difference between Desktop Apps and Web Apps, which is the point, Desktop Apps can do things Web Apps can't do and when you're running a Desktop App you're trusting the publisher just like you are with every other process running on your System.
Except when running from a public Gist you can inspect all the Source code before running it, know which verified User Account the software is released under and have a public audit trail of all changes made to the Gist App.
Package systems (which this essentially is, just at the function level, so to speak) that do not enforce immutable versions are just waiting for exploitation by deletion or update-in-place.
Does the specification format describing which gist and version is a dependency I want to download using the versioned values by default, or does that require a specific switch / manual edit?
Also, what happens if the gist is deleted?
You can run a previous version of a "Released" App when it's published to a GitHub Repo by just opening the GitHub Release .zip URL.
You'll only be able to review the changes made to a Gist App, to run a previous version, you'll need to fork the Gist and revert the changes made to it up to the version you want to run. This is also how you want to ensure the Gist App is around forever, just fork the Gist and run your forked version (same also applies to Sharp Apps in GitHub Repos).
If the Gist is deleted you wont be able to "open" the latest version obviously, but you can still use "run" to run your previously run local version.
I guess I need to look deeper into how SharpScript does things to get the proper terminology going, but, by way of explanation, I use Python in my day job.
As such, I was thinking along the lines of "how do I deploy a SharpScript Gist App with several Gist dependencies?".
In Python-land this would minimally be a Python script in a file and a requirements.txt file.
The requirements.txt file typically is a line-delimited file that has package names (or URLs, importantly) with optional version specifiers.
Since the Python Package Index is immutable, if I specify package "foo==1.2.3", I can be relatively certain that I will retrieve that package and that version, even if there are newer versions or the author deletes their upstream source control repository.
Anyway, I'm basically wondering what the SharpScript Gist Application approach will be to say "This script depends upon these gists with these versions".
I'm advocating for the default method to always specify a particular immutable version of a gist, otherwise, you will run the risk of these "always updated" gists changing in unexpected ways including malicious ones that perhaps check to see if they are on a CI server and steal credentials, etc.
Circling back to the top, I think if the only route to be sure that you have a permanent and immutable copy of a Gist Application is to fork it, then I further advocate that the SharpScript tooling should make this as easy as `sharp fork url-to-gist`.
One nice thing about Gists are that it scales nicely to support small fileset snapshots where all content is returned in the public API resource request, as well as supporting larger fileset snapshots where the contents of the gist are truncated and its contents are instead downloaded from its raw_url in an alternative HTTP Request. When you launch a Gist Apps it downloads all files (inc. truncated contents).
I don't intend to build forking gists into the App, it's not something I'd expect will get used a lot as most people are going to want to run the latest version of the App and get new features and bug fixes as soon as they're added. Those they want can fork Gists using GitHub's UI or APIs.
Unfortunately, this appears to mean it is not free software (though it is gratis for some use cases).
Regardless it's completely free to use for both commercial/non-commercial usage.
Regardless, this is why getting clever with software licenses, and giving guarantees in the form of comments instead of actual license legalese, is problematic. The intention might be clear, but the governance is only by law, and this appears to be in conflict with your statements.
Regardless #Script is unrestricted and free under the commercial license, which is what all official ServiceStack NuGet packages are released under.
i.e. It can be used as AGPL as-is, in addition it can be used in OSS projects under that license (to enable compatibility with the project) provided that the OSS Software remains OSS and provides complete source code for any additions. Although this AGPL/FLOSS Exception License only applies when you're creating your own distributions of ServiceStack from source code (i.e. very rare). This dual license option was added to allow OSS projects to use ServiceStack for free without paying for a commercial license, if that's not you, you can ignore this license option even exists.
All ServiceStack packages on NuGet are released under the commercial license  of which only requires a developer license when it exceeds the free usage quotas  which are only in ServiceStack commercial products namely the ServiceStack Web Service Framework, OrmLite , ServiceStack.Redis  and PocoDynamo . All other ServiceStack Software inc. all client libraries, inc. Serialization and ServiceStack.Common (containing #Script) are unrestricted libraries which can be used for free without a commercial Developers license in both commercial/non-commercial projects.
The source code for ServiceStack.Common is inside the https://github.com/ServiceStack/ServiceStack repo
The sharpscript.net website itself (written in #Script Pages) is at https://github.com/ServiceStack/sharpscript
To use any library you just need to provide a script method exposing the functionality you want available in your #Script:
Just want to point out that the maintainers should make this aspect more prominent in the home page as at a quick glance I thought SS is good only for creating apis/web servers.
The only time it compares with PowerShell is when it's used to execute Sharp Scripts  which is only 1 of its use-cases. You can embed it inside .NET/Core Apps , build entire Web Apps with #Script , run those Apps from a Gist on-the-fly without an install , deploy it on the Server without any CI , use it as a replacement to Razor , use it to develop Web APIs , use it to render emails , live documents , query Databases, HTTP APIs, AWS/Azure File Storage . All with a familiar JS-expression syntax  that's highly extensible  and can run in a user-defined sandbox  where all functionality available to Scripts running in each Context can be controlled.
ETA: Of course HN's own Unicode eater doesn't like the Sharp symbol in posts.
The similar looking Unicode Sharp, however is available.