Comment by pamcake

4 days ago

Audit the script locally first before running it? How is that unacceptable?

If you find that too risqué or tedious, fine, don't use it. It can still be valuable for those happy to put in the effort.

I think they have a point, you might (and should) evaluate it for each new package you install. But when you do a full system upgrade, are you telling me you'll review every AUR package again?

  • Most AUR helpers (well, the ones I've used at least, those being yay and pacaur) include the option to show a diff of PKGBUILD (and other provided files) for AUR package upgrades.

  • Well I don't use any of those dirty helpers (now THAT'S crazy talk) so the AUR packages mostly get built on a separate schedule (whether fully manually or in CI) from running pacman -S.

    I think there are only one or two non-mainline packages I depend on that get frequent updates and it matters.

    Anyway, yes.

  • I wish I had the time, but I don't. Feels shitty, but what are you gonna do.