Create accountLogin

Recent searches

No recent searches

Search options

Only available when logged in.
hachyderm.io is one of the many independent Mastodon servers you can use to participate in the fediverse.
Hachyderm is a safe space, LGBTQIA+ and BLM, primarily comprised of tech industry professionals world wide. Note that many non-user account types have restrictions - please see our About page.

Administered by:

Server stats:

9.3K
active users

hachyderm.io: AboutStatusProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.3.7

Quiet public
Jérôme Petazzoni

@puppygirlhornypost@transfem.social @dalias I agree with you; I'm going to try to rephrase my initial question 😅

Given that virtually all¹ package managers have some way to run arbitrary postinstall scripts (as root!); what makes a deb/rpm/AUR/... better than curl|sh?

My stance is that if I install packages from "core" repos, I'm probably good, because these maintainers usually care *a lot* and to a fantastic job (at least compared to the average dev trying to package their stuff).

But with 3rd party stuff…

Cassandrich

@jpetazzo @puppygirlhornypost@transfem.social Yes, it's basically the difference between trusting one party you chose to mediate these things and make good decisions for you, and N parties who at best are sloppy, if they don't have outright conflicts of interest that disqualify them from making these decisions for you.

May 23, 2024, 07:14 PM·Quiet public·Web
2boosts·2favorites
ExploreLive feeds
About