|
|
|
|
|
|
by tronicdude
803 days ago
|
|
|
It's entirely open source and pretty comprehensible. That being said, of course the dev could tear up years of work and go rogue at any moment, like any other solo open source project dev. It's not my version of the script, it's what his auto-installer did to my zshrc, which I've retained. And the purpose of a self-install in the zshrc is twofold: portability to new systems, ie when I moved from macOS to Arch, my zshrc could stay mostly the same, and package management stuff. You may not be familiar with zshell/zinit forks but one can also use them as general package managers (https://wiki.zshell.dev/ecosystem/packages/synopsis) and do pretty cool shim stuff as well (https://wiki.zshell.dev/ecosystem/annexes/bin-gem-node) (https://zdharma-continuum.github.io/zinit/wiki/Annexes/). I don't think the genuine issues brought up (his new silly way of auto-installing zshell, etc) warrant the reaction this is getting (unixorn taking it off of awesome-zsh-plugins, etc). |
|
|
Not very reassuring in the context of the xz backdoor and sketchiness of this particular author. I think it's better to avoid it, regardless of whether the author is actually malicious. Giving the vibe of being somehow official and having this fake "company" is rightly criticized. That's not the behavior of the developer whose code I would want to run.
> of course the dev could tear up years of work and go rogue at any moment, like any other solo open source project dev
Given the sketchiness I'd say it's much more likely than with average dev.