One particular chasm to keep an eye on, possibly even more relevant than Ubuntu using Rust: W...

edelbitter • today at 6:56 PM • 5 replies • view on HN

One particular chasm to keep an eye on, possibly even more relevant than Ubuntu using Rust: When it comes to building important stuff, Ubuntu sticks to curl|YOLO|bash instead of trusting trust in their own distributions.

https://github.com/canonical/firefox-snap/blob/90fa83e60ffef...

Replies

theamk • today at 9:51 PM

When people say "curl|bash", this usually means secondary fetches, random system config changes, likely adding stuff to user's .bashrc

But it's not quite that bad in this particular case - they are fetching pre-built static toolchain, and running old-school install script, just like in 1990s. The social convention for those is quite safer.

(Although I agree, it is pretty ironic that they prefer this to using ppa or binary packaged into deb...)

staticassertion • today at 8:47 PM

I don't get it. What's the chasm here?

kingstnap • today at 8:18 PM

You can curl stuff and run it just gotta have hashes in place.

➕ show 1 reply

LoganDark • today at 8:37 PM

Aren't the versions of Rust in stable Linux distributions like, a century old? Or at least they were last I checked what Debian and Ubuntu LTS were distributing. I think it's because they don't like static linking.

➕ show 1 reply

tokyobreakfast • today at 7:10 PM

[flagged]

➕ show 2 replies

alt Hacker News

Replies