cm0002@europe.pub to Linux@programming.dev · 28 days agoThe security situation with the Arch Linux AUR got a lot worsewww.gamingonlinux.comexternal-linkmessage-square37linkfedilinkarrow-up11arrow-down10cross-posted to: gaming@lemmy.ziplinux@lemmy.ml
arrow-up11arrow-down1external-linkThe security situation with the Arch Linux AUR got a lot worsewww.gamingonlinux.comcm0002@europe.pub to Linux@programming.dev · 28 days agomessage-square37linkfedilinkcross-posted to: gaming@lemmy.ziplinux@lemmy.ml
minus-squareMihies@programming.devlinkfedilinkarrow-up0·28 days agoGood luck with checking all dependencies as a developer, bonus points for JavaScript. You’ve just become a 98% less effective. But seriously, how would you check everything? And if you stumble upon malicious code, would you even recognize it?
minus-squareHaraldvonBlauzahn@feddit.orglinkfedilinkarrow-up0·28 days ago Good luck with checking all dependencies as a developer, bonus points for JavaScript. Yes I know well that JavaScript development practices are unsustainable. And at some point, chickens will come home to roost. For my part, I focus on minimalist, well defined systems, both as a user and developer. And trust where it is reasonable - not by default.
minus-squaredevfuuu@lemmy.worldlinkfedilinkarrow-up0·28 days agoNobody sane should be installing js code in their systems. Nor having node or even npm installed.
minus-squareVictor@lemmy.worldlinkfedilinkarrow-up0·28 days agoExactly, I wouldn’t know what I was looking at probably. We don’t really learn malicious programming at uni.
Good luck with checking all dependencies as a developer, bonus points for JavaScript. You’ve just become a 98% less effective. But seriously, how would you check everything? And if you stumble upon malicious code, would you even recognize it?
Yes I know well that JavaScript development practices are unsustainable.
And at some point, chickens will come home to roost.
For my part, I focus on minimalist, well defined systems, both as a user and developer. And trust where it is reasonable - not by default.
Nobody sane should be installing js code in their systems. Nor having node or even npm installed.
Exactly, I wouldn’t know what I was looking at probably. We don’t really learn malicious programming at uni.