Dependencies:
Old ass library version from 2004
apt/dnf/pacman: package not found
library package was last available 15 years ago before it was dropped to move to the next legacy version
App package was available right up until last year until it was dropped for development inactivity
Absolutely no one has a compiled version of old ass library
Attempting to compile old ass library results in 30 other old ass package dependencies
How in the actual world was the maintainer compiling this up to last year
It worked on their machine
They have old/orphaned dependencies on their machine. It’s hanging on a by thread. They have no idea the packages have disappeared years ago. The house of cards is a bit flip away from collapsing.
Why docker was created be like
Does docker solve this problem?
Why even use releases? Everyone can build everything for themselves. ‘Normal Users’ are just lazy, everyone wants to know how every piece of software is built for their system, it’s not like they have other stuff to do.
I thought that was what Gentoo was doing, but they have far more binary packages nowadays than I thought they’d ever get.
llvm, clang are packages I give 0 fucks about, but take a significant part of my updates. I never really got around to it, but I will try to make them binary downloads instead of building that shit. Like I understand gcc, but have 0 interest in llvm, and can’t have firefox without it… smh
yay <package name>
There is a 99% chance it’s in there, and there is an 80% chance it uses the latest version/git HEAD
Yay?
yay, a utility to access the AUR, where users share build scripts instead of binaries. It’s just one step abovecurl | sudo shin terms of security.Except it automates the steps you’d have to take to inspect and edit the script, if needed. Also, PKGBUILDs are much nicer to read than just plain install scripts. And, of course, it actually builds a package, which is then installed, so it’s not only tracked but can be updated like the rest of the system.
To be fair, that’s why they said
in terms of security.
I’d say that yay encourages checking the PKGBUILD or its diff more than the average “curl xy | sudo sh” instruction, but considering most people see yay just as yet another package manager, instead of an AUR helper, that’s probably true for most people
That’s why it’s one step above. The user is given an option to read the PKGBUILD (or a diff with the cached copy if it exists), but beyond that, it’s still unverified arbitrary code from an external source (the project’s actual source, binaries, or packages from another repository). Packages in the official Arch repos are verified by the downstream packagers. For AUR packages, it’s up to the community to moderate itself, and the user to determine whether the package is trustworthy, and I’m willing to bet that not many people do it. I certainly don’t vet everything I install.
That’s probably the “just one step above” part. You do have the option to inspect the script you’re executing before you do so with
curl | shtoo, if you know what you’re doing. If you don’t, then you’d be pretty likely to just skip the prompt fromyayas well. (Automatic diffs are nice tho.) Note: I useparuinstead so I don’t know whatyaydoes.
I don’t think the aur can switch the delivered script whether you are piping it into sh or not.
Nobody likes to figure out dependencies. And C++ template errors are sometimes completely crazy.
Casual Linux things that get normal people running from the os in fear.
Guys I downloaded the github link, and it won’t launch as an app, what do? :(
/j
Are you a vibe coder?
you gotta click on the blue e on your desktop
You guys have stuff on your desktop?
