cm0002@europe.pub to Linux@programming.dev · 11 hours agoThe security situation with the Arch Linux AUR got a lot worsewww.gamingonlinux.comexternal-linkmessage-square24fedilinkarrow-up1106arrow-down13cross-posted to: linux@lemmy.mlgaming@lemmy.zip
arrow-up1103arrow-down1external-linkThe security situation with the Arch Linux AUR got a lot worsewww.gamingonlinux.comcm0002@europe.pub to Linux@programming.dev · 11 hours agomessage-square24fedilinkcross-posted to: linux@lemmy.mlgaming@lemmy.zip
minus-squareMihies@programming.devlinkfedilinkarrow-up3·1 hour agoGood luck with checking all dependencies as a developer, bonus points for JavaScript. You’ve just become a 98% less effective. But seriously, how would you check everything? And if you stumble upon malicious code, would you even recognize it?
minus-squareHaraldvonBlauzahn@feddit.orglinkfedilinkarrow-up1·22 minutes ago Good luck with checking all dependencies as a developer, bonus points for JavaScript. Yes I know well that JavaScript development practices are unsustainable. And at some point, chickens will come home to roost. For my part, I focus on minimalist, well defined systems, both as a user and developer. And trust where it is reasonable - not by default.
minus-squareVictor@lemmy.worldlinkfedilinkarrow-up1·46 minutes agoExactly, I wouldn’t know what I was looking at probably. We don’t really learn malicious programming at uni.
Good luck with checking all dependencies as a developer, bonus points for JavaScript. You’ve just become a 98% less effective. But seriously, how would you check everything? And if you stumble upon malicious code, would you even recognize it?
Yes I know well that JavaScript development practices are unsustainable.
And at some point, chickens will come home to roost.
For my part, I focus on minimalist, well defined systems, both as a user and developer. And trust where it is reasonable - not by default.
Exactly, I wouldn’t know what I was looking at probably. We don’t really learn malicious programming at uni.