I only discovered this recently, and it’s very handy.
Piping scripts directly to bash is a security risk. You can always download the scripts, inspect them and run locally if you so choose.
I only discovered this recently, and it’s very handy.
Piping scripts directly to bash is a security risk. You can always download the scripts, inspect them and run locally if you so choose.
The URL can point to a different file. People can post maliciously similar URLs and trick you into running something else.
With a repository you have some semblance of “people have looked at this before”. Packages are signed and it will provide a standard way to uninstall and upgrade in the future.
There’s literally no good reason to replace it with a shell script on a website.
I fully agree that a package manager repository with all those tools would be preferable, but it doesn’t exist, does it? I mean… content is king. If the only way to get a certain program or functionality is a shell script on a website, then of course that’s what is going to be used.