176

The security situation with the Arch Linux AUR got a lot worse (www.gamingonlinux.com)

submitted 3 days ago by cm0002@europe.pub to c/linux@programming.dev

40 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[-] Mihies@programming.dev 13 points 3 days ago

Good luck with checking all dependencies as a developer, bonus points for JavaScript. You've just become a 98% less effective. But seriously, how would you check everything? And if you stumble upon malicious code, would you even recognize it?

[-] devfuuu@lemmy.world 3 points 3 days ago

Nobody sane should be installing js code in their systems. Nor having node or even npm installed.

[-] HaraldvonBlauzahn@feddit.org 2 points 3 days ago

Good luck with checking all dependencies as a developer, bonus points for JavaScript.

Yes I know well that JavaScript development practices are unsustainable.

And at some point, chickens will come home to roost.

For my part, I focus on minimalist, well defined systems, both as a user and developer. And trust where it is reasonable - not by default.

[-] victorz@lemmy.world 2 points 3 days ago

Exactly, I wouldn't know what I was looking at probably. We don't really learn malicious programming at uni.

this post was submitted on 14 Jun 2026

176 points (97.3% liked)

Linux

14008 readers

384 users here now

A community for everything relating to the GNU/Linux operating system (except the memes!)

Also, check out:

Original icon base courtesy of lewing@isc.tamu.edu and The GIMP

founded 3 years ago

MODERATORS

Ategon@programming.dev

anzo@programming.dev

dwraf_of_ignorance@programming.dev