[mac3n]

good thing I don't use npm or pip, just the recommended

    curl ... | bash

[fragmede]

It's curl | sudo bash.

Amateur.

[raesene9]

So old school, now we get install lines like Tell Opencode to "Fetch and follow instructions from https://raw.githubusercontent.com/obra/superpowers/refs/head..."

From a real repo, with 186K stars... https://github.com/obra/superpowers

[fmbb]

I always sudo curl to be extra sure.

[naruhodo]

Weak sauce.

curl | sudo dd of=/dev/sda

[walrus01]

To be really sure it downloads, curl -k | sudo bash

[scrollaway]

`curl -k | sudo bash | yes` for good measure, otherwise it might hang.

[somebudyelse]

If you really want to make sure that it's the right thing (because piping to sudo bash is risky), make sure the URL starts with "pastebin", or ends in ".tk", or is an IP address.

[walrus01]

To be absolutely positively certain, be sure that the IP address is also in the same /24 as the same net blocks and hosted on the same AS that appear in every DNS based mail RBL possible.