1805
Don't be that guy.
(lemmy.world)
All about open source! Feel free to ask questions, and share news, and interesting stuff!
Community icon from opensource.org, but we are not affiliated with them.
You're right to an extent, but there is nuance. No end user goes through the Debian repositories and checking the source code for each package by hand. You would be well within your rights to be annoyed if a
rm -rf /
got added into a script in the repos somehow. A level of trust somewhere is unavoidable for things to work smoothly.Of course the difference in level of responsibility between core repos and random code pulled of github is vast.