|
|
|
|
|
|
by beej71
4 days ago
|
|
|
I hear you, but consider xz. I'm a professional with decades of experience and I'd be lying if I said I'd have caught that. How long would an audit have taken, realistically? You're not wrong, but I don't think the GP is, either. |
|
|
I don't review updates to official packages on Arch, I don't think most people have time to do so, it's just way too much. Things change when we talk about AUR though, as those aren't vetted, those you need to take the time to review, otherwise you're basically installing completely unreviewed software from strangers on the internet.