
Bpkg – a Bash package manager - kolev
http://www.bpkg.io/
======
616c
I do not want to be that guy, but I do anyway. Haha.

Is there time for a service that looks at any README on a github project or
other indexable repos, and give it a cute landing page and failing grade if
the install recommends curl
[http://supersecure.script](http://supersecure.script) \- | bash # fuck my
box.

Perhaps ismyboxvaklem.pt?

~~~
zeograd
technically, they don't recommend it. curl whatever | bash is one of the 3
possible method (first listed, I agree) but there are 2 other ways to install
it.

otoh, don't you think that without the unsecure one liner to install it, some
people would complain about its lack ? Stating they can read the script before
executing it anyway.

Plus, it's not much less secure than cloning a repo and running 'make install'
(in both case, one could read the script(s) but will unlikely do so).

~~~
kolev
Exactly my thoughs, too! When you clone and make blindly, it's not any safer.

------
feld
STOP IT. WE DONT NEED THIS.

Direct your efforts to your favorite OS's package management team. Stop
creating new package management systems that permit idiots to install
vulnerable software that won't get flagged by widely accepted monitoring
practices for every OS

~~~
kolev
There's too much overhead to package and maintain small shell tools as native
packages. Plus, who wants their repository list to be growing infinitely with
PPAs that usually tell little about themselves. Major distros other than
Ubuntu are not any better.

