You mean… zero scrutiny? 🙂 The big advantage of AUR is that there’s only one of it but that’s about it.
The PPA model is fundamentally broken. As soon as you replace a core package from a PPA (which happens silently if it’s a dependency) you can kiss upgradeability goodbye. By the time the next Ubuntu release rolls out you’ll be in dependency hell and won’t be able to upgrade cleanly.
Except they can be hosted by the person/company making the software. This always seemed more trustworthy than AUR to me.
Of course there are also community PPAs that would need the same scrutiny as AUR packages.
You mean… zero scrutiny? 🙂 The big advantage of AUR is that there’s only one of it but that’s about it.
The PPA model is fundamentally broken. As soon as you replace a core package from a PPA (which happens silently if it’s a dependency) you can kiss upgradeability goodbye. By the time the next Ubuntu release rolls out you’ll be in dependency hell and won’t be able to upgrade cleanly.
PPA:s are specifically hosted by Canonical, no? Otherwise it’s just a normal repo.
Wait, being hosted by anyone makes it more secure?
Jeez, I’m glad I’m not new to the internet and backwards rhetoric like yours just falls by the wayside because I’m so used to it.
I just don’t expect more from you people at this point 🤣