Lars Marowsky-Brée 😷Feb 5

Hot take: If we added a "--install" option to #curl, we could optimize many a "| sh -" pipeline away.

Finally a truly universal installer.

Show threadTom BortelsFeb 5

@larsmb

Not sure how "| sh" is any less secure than what people do 99.9% of the time anyway, which is download an installer or executable and not bother or validate it.

If you really want to change the world, work out an actually secure mechanism (tall order!) and have --install implement it. Not sure what that would look like: https requirement, maybe a database of known/vetted installations, a means to report issues. Very tall order.

Show threadDr. Christopher KunzFeb 5
@tbortels Well that's, like... a package manager? Let's call it cURL Universal Package System and abbreviate it CUPS... oh damn.
Show threadLars Marowsky-Brée 😷
@christopherkunz @tbortels Package managers are so awesome we have hundreds.
Feb 5 at 4:40pmWeb
Show threadTom BortelsFeb 5

@larsmb @christopherkunz

There is *always* a relevant XKCD:

https://xkcd.com/927

Standards

xkcd
Show threadExpired TokenFeb 7
@tbortels @larsmb @christopherkunz
This one completes the picture:
https://xkcd.com/1654/
Universal Install Script

xkcd