Actual question. Isn’t installing stuff from third party repos like super dangerous? The package scripts run with root access, right?
So, I guess you could tell if the hash of the package matches the hash of the code after you build it… But, what about upgrades on that package after it is installed? They could change the setup scripts and screw a lot of people right?
Not saying these guys do it, just wondering about security stuff.
“Science isn’t about WHY. It’s about WHY NOT. Why is so much of our science dangerous? Why not marry safe science if you love it so much. In fact, why not invent a special safety door that won’t hit you on the butt on the way out, because you are fired.” — Cave Johnson (Portal 2)
When I google for “cold dark place filled with sadness and despair” right now (with the quotes), google gives me exactly one result - my Linux kernel github repository.
I will call my new hobby “Reverse Emo Googlewhacking”.
Most full stack devs I’ve met are crap at one end or the other. I’ve also noticed a lot of el cheapo companies trying to get away with full stack only because having specialized devs costs them more money.
These companies would love to fire everyone and have DevOpsQAUxPmUiExec do everything instead.
VSCodium has limited plugins, but most known ones were available… Weird logo, some kind of a seaplant?? But I soon dig it…
VSCode has all the plugins, but with Microsoft’s Telemetry as expected… Cool logo…
Truth: I’m using VSCodium, the absence of Telemetry tends to improve it’s overall performance… I’m beginning to like the logo… Plugins support has improved, all the plugins I used in VSCode, are now available… All of it…
programmer_humor
Top
This magazine is from a federated server and may be incomplete. Browse more on the original instance.