New favorite tool 😍

  • BatmanAoD@programming.dev
    link
    fedilink
    arrow-up
    4
    arrow-down
    9
    ·
    7 months ago

    But…“just execute this .exe, bro” is generally the alternative to pipe-to-Bash. Have you personally compiled the majority of software running on your devices?

    • DaPorkchop_@lemmy.ml
      link
      fedilink
      arrow-up
      14
      arrow-down
      2
      ·
      7 months ago

      No, it was compiled by the team which maintains my distro’s package repository, and cryptographically verified to have come from them by my package manager. That’s a lot different than downloading some random executables I pulled from a website I’d never heard of before and immediately running them as root.

      • Miaou@jlai.lu
        link
        fedilink
        arrow-up
        2
        ·
        7 months ago

        Everything you’ve ever needed was available in your distro’s package manager?

      • BatmanAoD@programming.dev
        link
        fedilink
        arrow-up
        3
        arrow-down
        5
        ·
        7 months ago

        Yes, I agree package managers are much safer than curl-bash. But do you really only install from your platform’s package manager, and only from its central, vetted repo? Including, say, your browser? Moreover, even if you personally only install pre-vetted software, it’s reasonable for new software to be distributed via a standalone binary or install script prior to being added to the package manager for every platform.

    • onlinepersona@programming.dev
      link
      fedilink
      English
      arrow-up
      6
      arrow-down
      1
      ·
      7 months ago

      Are you seriously comparing installing from a repo or “app store” to downloading a random binary on the web and executing it?

      P.S I’ve compiled a lot of stuff using nix, especially when it’s not in the cache yet or I have to modify the package myself.

      Anti Commercial-AI license

      • BatmanAoD@programming.dev
        link
        fedilink
        arrow-up
        1
        arrow-down
        2
        ·
        7 months ago

        No, I agree that a package manager or app store is indeed safer than either curl-bash or a random binary. But a lot of software is indeed installed via standalone binaries that have not been vetted by package manager teams, and most people don’t use Nix. Even with a package manager like apt, there are still ways to distribute packages that aren’t vetted by the central authority owning the package repo (e.g. for apt, that mechanism is PPAs). And when introducing a new piece of software, it’s a lot easier to distribute to a wide audience by providing a standalone binary or an install script than to get it added to every platform’s package manager.