1. Forum
  2. Usenet
  3. ALT.OS.LINUX.UBUNTU

  • deb-get

    From Andrei Z.@21:1/5 to All on Sat May 7 08:42:54 2022
    deb-get

    https://github.com/wimpysworld/deb-get

    "apt-get functionality for .debs published in 3rd party repositories or
    via direct download. It works on Ubuntu and derivative distributions."

    "The software below can be installed, updated and removed using deb-get."

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Mike Easter@21:1/5 to Andrei Z. on Sat May 7 06:04:06 2022
    Andrei Z. wrote:
    deb-get

    https://github.com/wimpysworld/deb-get

    "apt-get functionality for .debs published in 3rd party repositories or
    via direct download. It works on Ubuntu and derivative distributions."

    "The software below can be installed, updated and removed using deb-get."

    That seems like a 'good' (as in not-so-good) way to include 'unvetted' software.

    I think people should be (some form of) careful about where they get
    their ware.

    --
    Mike Easter

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Richard Kettlewell@21:1/5 to Mike Easter on Sat May 7 14:22:09 2022
    Mike Easter <MikeE@ster.invalid> writes:
    Andrei Z. wrote:
    deb-get
    https://github.com/wimpysworld/deb-get
    "apt-get functionality for .debs published in 3rd party repositories
    or via direct download. It works on Ubuntu and derivative
    distributions."
    "The software below can be installed, updated and removed using
    deb-get."

    That seems like a 'good' (as in not-so-good) way to include 'unvetted' software.

    I think people should be (some form of) careful about where they get
    their ware.

    The core idea (taking friction out of installing third-party software)
    by creating a mapping from names to installation resources isn’t a
    terrible one. (That’s what an app store is...) But that mapping needs to
    be trustable and “a script on github” isn’t a great way to achieve it - you are trusting all of the script author, github and internet PKI with
    it. There are multiple fairly more-or-less obvious to reduce that list.

    --
    https://www.greenend.org.uk/rjk/

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Andrei Z.@21:1/5 to Richard Kettlewell on Sun May 8 11:09:02 2022
    Richard Kettlewell wrote:
    Mike Easter <MikeE@ster.invalid> writes:
    Andrei Z. wrote:
    deb-get
    https://github.com/wimpysworld/deb-get
    "apt-get functionality for .debs published in 3rd party repositories
    or via direct download. It works on Ubuntu and derivative
    distributions."
    "The software below can be installed, updated and removed using
    deb-get."

    That seems like a 'good' (as in not-so-good) way to include 'unvetted'
    software.

    I think people should be (some form of) careful about where they get
    their ware.

    The core idea (taking friction out of installing third-party software)
    by creating a mapping from names to installation resources isn’t a
    terrible one. (That’s what an app store is...) But that mapping needs to
    be trustable and “a script on github” isn’t a great way to achieve it - you are trusting all of the script author, github and internet PKI with
    it. There are multiple fairly more-or-less obvious to reduce that list.

    MartinWimpress - Ubuntu Wiki
    https://wiki.ubuntu.com/MartinWimpress

    MATE Core Team
    https://mate-desktop.org/team/

    Martin Wimpress
    Packaging for Ubuntu-MATE and Debian, GSoC mentor, community management, infrastructure.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Mike Easter@21:1/5 to Andrei Z. on Sun May 8 07:58:33 2022
    Andrei Z. wrote:
    Richard Kettlewell wrote:
    Mike Easter <MikeE@ster.invalid> writes:
    Andrei Z. wrote:
    deb-get
    https://github.com/wimpysworld/deb-get
    "apt-get functionality for .debs published in 3rd party repositories
    or via direct download. It works on Ubuntu and derivative
    distributions."
    "The software below can be installed, updated and removed using
    deb-get."

    That seems like a 'good' (as in not-so-good) way to include 'unvetted'
    software.

    I think people should be (some form of) careful about where they get
    their ware.

    The core idea (taking friction out of installing third-party software)
    by creating a mapping from names to installation resources isn’t a
    terrible one. (That’s what an app store is...) But that mapping needs to >> be trustable and “a script on github” isn’t a great way to achieve it -
    you are trusting all of the script author, github and internet PKI with
    it. There are multiple fairly more-or-less obvious to reduce that list.

    MartinWimpress - Ubuntu Wiki
    https://wiki.ubuntu.com/MartinWimpress

    MATE Core Team
    https://mate-desktop.org/team/

    Martin Wimpress
    Packaging for Ubuntu-MATE and Debian, GSoC mentor, community management, infrastructure.

    I understand the concept.

    If I'm willing to trust various dev/s for .ppa/s, why shouldn't I trust
    MW for taking care of bidness.

    --
    Mike Easter

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)