|
|
|
|
|
|
by kiallmacinnes
4017 days ago
|
|
|
And their system still does this for everything they distribute. This is no different really to, for example, pythons PIP. At least, as far as policy around signing of all Debian archive content. Granted.. This is a binary blob downloaded without consent which is an issue, its just not an issue with the Debian archive distributing unvetted code. |
|
|