On 22 May 2014 05:31, Rob Kendrick <[email protected]> wrote: > On Wed, May 21, 2014 at 10:05:56PM -0300, Hisham wrote: >> That's how things work on most repositories [1] (Cabal, RubyGems, npm, >> etc.) And to be honest, I don't think maintainers of most curated >> repositories do thorough code audits either. > > This is probably why I always use packaged versions of modules for the > languages I use :)
Fair point. Still, the greater safety in blinding installing a module from a .deb package as opposed to MoonRocks (or hosting a mirror) comes from the fact the selection of packages is curated, not necessarily that the code inside them is thoroughly audited. -- Hisham ------------------------------------------------------------------------------ "Accelerate Dev Cycles with Automated Cross-Browser Testing - For FREE Instantly run your Selenium tests across 300+ browser/OS combos. Get unparalleled scalability from the best Selenium testing platform available Simple to use. Nothing to install. Get started now for free." http://p.sf.net/sfu/SauceLabs _______________________________________________ Luarocks-developers mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/luarocks-developers
