|
|
|
|
|
|
by k_g_b_
101 days ago
|
|
|
Compared to other Linux distribution's package tooling Arch's is pretty nice and painless, I think. Agreed with namcap/chroot - I think there should be even more mandatory checks on pushing stuff to AUR. But even so - regarding your last point: you absolutely need to check all PKGBUILDs from AUR or potentially get malware. https://bertptrs.nl/2026/01/30/how-to-review-an-aur-package.... is a nice recent article by one of the maintainers that follows up on last year's AUR malware. The final point sums it up, though: the AUR was built without the security mechanisms - technical and social - we want and need today. |
|
|