I had no idea this issue had been identified. While I find this tool very useful, the project is seeming rather questionable to me now.

You are viewing a single thread.
View all comments
8 points
*

This is a bit absurd. I really don’t think this is as serious as some comments say. Also there is a comment from AUR package manager which explains more details. . And even the blobs in the first post there are source and build instructions in their respective folder.

permalink
report
reply
19 points

And even the blobs in the first point there are source and build instructions in their respective folder.

No it is not. It is supposedly the built result based on the instruction provided. If they can just provide that instruction, why not provide the source as well?

The issue thread also highlights the stubbornness and hostility of the project maintainer toward possible contributors.

permalink
report
parent
reply
13 points

I firmly believe there are no backdoors or anything dodgy going on here

OK but that’s hardly reassuring.

permalink
report
parent
reply
6 points

Not suspicious at all.

permalink
report
parent
reply
12 points

That linked reply doesn’t explain anything. It just says “bro trust him”. Just because you and the AUR maintainer says its trustful, does not make it clear whats behind the binary blobs. It doesn’t matter what anyone says, if we can’t verify. In my opinion, its absurd calling others absurd for not trusting the word of others.

permalink
report
parent
reply

Open Source

!opensource@lemmy.ml

Create post

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

  • Posts must be relevant to the open source ideology
  • No NSFW content
  • No hate speech, bigotry, etc

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

Community stats

  • 3.2K

    Monthly active users

  • 1.2K

    Posts

  • 10K

    Comments