note that as usual in media the headline is less true than the article. nobody said “under control” but “all known commits have been reverted”

it’s bypassing the normal place to download (in the PKGBUILD) and doing so in a place that’s unsandboxed instead (in the .install file, not the PKGBUILD) when it didn’t need to do that before

that is indeed the official guides’ fault if they’re not in charge of helping maintain the AUR package. not the case for most of the infected packages here other than notably alvr, though.

windows update doesn’t force you to take a look at the changelog. most AUR helpers do so you better bet that it’s important

it’s a mailing list, so heads up, if you subscribe you’re also gonna get other discussion like the forums.

https://lists.archlinux.org/mailman3/lists/aur-general.lists.archlinux.org/

since the 2022 grub incident, Arch has done a great job at notifying the news channel when “manual intervention required” AFAIK, and I don’t remember any instances of Arch maintainers only notifying Reddit (and I don’t think they notified Reddit for the grub incident either lol).

the arch news channel is for breaking changes to arch pacakges (so not the AUR) only. maybe you could subscribe to aur-general@lists.archlinux.org.

(hopefully this doesn’t read as blaming the victims instead of the attackers but) I personally don’t think it’s that complicated to read the updates to AUR packages. It’s not any more hard than only commenting after reading the links that people post here instead of just the headlines—which we all do, right?

deleted by creator

well what you said after zir reply didn’t demonstrate any of that

that you write things i’m trying to understand the relevance of, like “This information wasn’t provided in the post.” and “the first comment points to btrfs”. The Reddit link you gave also points towards btrfs as well as very undetailed mentions of zfs. ze says “i’ve tried btrfs and it doesn’t work so i’m looking into zfs”, and you reply “use btrfs use btrfs or look into zfs”, a message whose helpfulness I struggle to understand.

the device I’m testing first is too small for btrfs

Yandex is Russia’s Google, sold in 2024 to Russian oligarchs with close state ties, so I’d say it’s justified to criticize this particular sponsorship business

well you no longer have to do the off-label calculation

oh shoot this was still going! could you change my ping to @Aatube@thriv.social ? on kbin.melroy.org for quite a few weeks i had a problem where i didn’t receive a notification and i think they only started trickling in last week

Thorium Reader is what I used, both on Windows and Linux

what does that mean

ah i have had that happen before lol. it does copy spaces but it doesn’t overwrite your main clipboard so i don’t have qualms about it. every app you’d expect to support middle-mouse drag except notepad/gedit/kwrite/etc supports it instead of pasting unless you use chromium without the relevant extension or remain static over a textbox.

interesting; how does one copy from an empty field by accidnet? /geniunely curious and oblivious

but it’s quite intuitive to realize what it does