But there is no such rule! Plenty of projects that are _not_ security clowncars recommend curl|bash for thoughtful reasons. Plenty of projects that are security clowncars ship source tarballs with unreproducible ./configure scripts.
There is a _perception_ that it's bad, yes. I think a respected project using curl|bash is just as likely to to rehabilitate curl|bash and fix that perception, especially if (as here, as Sandstorm did, etc.) they write about why it's okay.
Geoffrey Thomas /
npub1c9…fkcjr
2024-05-23 12:56:09
in reply to nevent1q…hcxz
Author Public Key
npub1c9lng6pywu3dv85wsfgpulran2jrqulu7yw8sejr5ml69czq4v0sqfkcjrSeen on
wss://relay.nostr.bandPublished at
2024-05-23 12:56:09Event JSON
{
"id": "6c92569fabe95ab44b67064928ba174145002cba6f6ca0fafb7211667939b313",
"pubkey": "c17f3468247722d61e8e82501e7c7d9aa43073fcf11c786643a6ffa2e040ab1f",
"created_at": 1716468969,
"kind": 1,
"tags": [
[
"p",
"058a6d106c5e6719008ce4db3f64c846caf49925227a39533d12a846fbab21ee"
],
[
"p",
"093938ed56b0bf48e5b7a1edb07afba3b5a1d403d29c797f4a3cf5318647b309"
],
[
"e",
"7a78a94f859616f9279635b640538af9b74813b72b6969d583206cad5a10a494",
"",
"root"
],
[
"e",
"9a3f17d288ae90358b8fe4eac5647c25ca21341b9e1b2231d0e495baa7d92a79",
"",
"reply"
],
[
"proxy",
"https://mastodon.social/@geofft/112490510355032704",
"web"
],
[
"p",
"d57ad6e2c7b07cecc1cd5e6031f4097f696497b16d3df4700c38cfea9fc34c99"
],
[
"proxy",
"https://mastodon.social/users/geofft/statuses/112490510355032704",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://mastodon.social/users/geofft/statuses/112490510355032704",
"pink.momostr"
]
],
"content": "But there is no such rule! Plenty of projects that are _not_ security clowncars recommend curl|bash for thoughtful reasons. Plenty of projects that are security clowncars ship source tarballs with unreproducible ./configure scripts.\n\nThere is a _perception_ that it's bad, yes. I think a respected project using curl|bash is just as likely to to rehabilitate curl|bash and fix that perception, especially if (as here, as Sandstorm did, etc.) they write about why it's okay.",
"sig": "098ddcf05f93edb815a0296555f3e99b68267cf32617b6b79d29364023e134d62e2eac94370adb2b960ca0849e71a0442ec9063900410d39618a196165d169bd"
}