You have a point, but we need to take into account that the technology has been around for a long time, the risks are well known and documented, and safety concerns of most of these package managers have been addressed to maintainers.
The example in the article has come to light accidentally, but we must seriously ask ourselves how many incidents are currently unidentified.
Besides, you can use Nix for 'normal' development. It is suitable for more things than just a distro package manager.