top | item 37766535

(no title)

There should be a `curl | sh` in this, a security-oriented product? To demonstrate how badly you need it, perhaps?

Please don't pipe the Internet directly into your command line.

discuss

Ah yes, because using a package manager to pipe the internet directly into our computer instead is so much better.

nicce|2 years ago

Yes. Proper package manager usually proceeds to install only signed packages. It means that usually OS maintainer has verified the purpose of the package.

It gives a quite lot more trust than running arbitrary content as shell script, without any third party verification.

insanitybit|2 years ago

I feel like "curl | sh is fine" has been explained so many times at this point idk how people still aren't on the same page. If you hate "curl | sh" so much I'm sure they can provide some other method of installation.