Thread replies: 7
Thread images: 2
Anonymous
2016-06-04 13:14:17 Post No. 54906213
[Report]
Image search:
[Google]
Anonymous
2016-06-04 13:14:17
Post No. 54906213
[Report]
Arch users:
Do you read the PKLGBUILDs for things you install from the AUR? If not, you should. As it stands its a major security flaw, as anyone can change the install instructions to download any file and run anything they want on your machine.
Also by messing up small things like version numbers, dependencies or even putting things in the "provides" array can seriously fuck with pacman, and cause major problems such as not getting security fixes if pacman thinks you're running version 1000 of chromium-git or saying that a package provides a runtime dependency of another package you install like a year later, and will be pretty untraceable as to why it isn't working.
On the other hand, pacman is a great package manager but you shouldn't install things from the AUR if you can help it, and should be writing your own PKGBUILDs. It isn't that hard if you don't know how, and the wiki although being comprehensive in its page on the subject but as usual mostly indecipherable for new users.
I'll post a friendly clear intro guide to writing PKGBUILDs if anyone wants it, but if you're wondering why everyone in the community is so up their butt about AUR helpers or pacman wrappers, its about 75% condescending cuntery (as usual) and 25% these facts.