Actually, having taken a look, I stand corrected. Although it started off as just Python, Node has seeped it's way in a little bit (in terms of if you're wanting to build from source).
They're using Grunt (by default) to process LESS files, which requires node, you've also got bower (that should have jumped out at me in your error!).
Your make all, of course, builds the JS and CSS, which uses Grunt and Bower.
As far as I can see, Node is only used for automating parts of the build, which to be honest makes it worse in my view - requiring a completely different tool chain just to build?
You can run Mailpile without having Node installed by using the pre-built binaries, just install the dependencies, but that's placing an awful lot of trust in the repo (and the devs themselves).
There was a slight off-topic tangent about "why not use node" here in 2013 but around a year later Grunt was introduced in Oct 14 (hadn't realised my build was quite so out of date....). Not going to dig any further.
So, basically, you have two options
- trust the devs never to fold to pressure and tamper with the binaries
- Use node to build your own from source
> Mailpile certainly doesn't look like as secure as such system could be.
Sadly it looks that way, though I doubt it's likely to change, I've been waiting for the 1.0 milestone to see whether the other issues I have with it get addressed. Some, I know, have as the GH issues have been resolved, so I'm being patient with the other bits :)