this post was submitted on 19 Feb 2025
285 points (91.8% liked)

Mildly Infuriating

36867 readers
130 users here now

Home to all things "Mildly Infuriating" Not infuriating, not enraging. Mildly Infuriating. All posts should reflect that.

I want my day mildly ruined, not completely ruined. Please remember to refrain from reposting old content. If you post a post from reddit it is good practice to include a link and credit the OP. I'm not about stealing content!

It's just good to get something in this website for casual viewing whilst refreshing original content is added overtime.

Rules:

1. Be Respectful

Refrain from using harmful language pertaining to a protected characteristic: e.g. race, gender, sexuality, disability or religion.

Refrain from being argumentative when responding or commenting to posts/replies. Personal attacks are not welcome here.

...

2. No Illegal Content

Content that violates the law. Any post/comment found to be in breach of common law will be removed and given to the authorities if required.

That means: -No promoting violence/threats against any individuals

-No CSA content or Revenge Porn

-No sharing private/personal information (Doxxing)

...

3. No Spam

Posting the same post, no matter the intent is against the rules.

-If you have posted content, please refrain from re-posting said content within this community.

-Do not spam posts with intent to harass, annoy, bully, advertise, scam or harm this community.

-No posting Scams/Advertisements/Phishing Links/IP Grabbers

-No Bots, Bots will be banned from the community.

...

4. No Porn/ExplicitContent

-Do not post explicit content. Lemmy.World is not the instance for NSFW content.

-Do not post Gore or Shock Content.

...

5. No Enciting Harassment,Brigading, Doxxing or Witch Hunts

-Do not Brigade other Communities

-No calls to action against other communities/users within Lemmy or outside of Lemmy.

-No Witch Hunts against users/communities.

-No content that harasses members within or outside of the community.

...

6. NSFW should be behind NSFW tags.

-Content that is NSFW should be behind NSFW tags.

-Content that might be distressing should be kept behind NSFW tags.

...

7. Content should match the theme of this community.

-Content should be Mildly infuriating.

-The Community !actuallyinfuriating has been born so that's where you should post the big stuff.

...

8. Reposting of Reddit content is permitted, try to credit the OC.

-Please consider crediting the OC when reposting content. A name of the user or a link to the original post is sufficient.

...

...

Also check out:

Partnered Communities:

1.Lemmy Review

2.Lemmy Be Wholesome

3.Lemmy Shitpost

4.No Stupid Questions

5.You Should Know

6.Credible Defense

Reach out to LillianVS for inclusion on the sidebar.

All communities included on the sidebar are to be made in compliance with the instance rules.

founded 2 years ago
MODERATORS
LillianVS@lemmy.world
STRIKINGdebate2@lemmy.world
Tenthrow@lemmy.world
285
When software devs expect you to pipe a script straight from the internet into Bash... (dubvee.org)
submitted 4 days ago* (last edited 4 days ago) by ptz@dubvee.org to c/mildlyinfuriating@lemmy.world
83 comments fedilink hide all child comments
 

Developers: I will never ever do that, no one should ever do that, and you should be ashamed for guiding people to. I get that you want to make things easy for end users, but at least exercise some bare minimum common sense.

The worst part is that bun is just a single binary, so the install script is bloody pointless.

Bonus mildly infuriating is the mere existence of the .sh TLD.

Edit b/c I'm not going to answer the same goddamned questions 100 times from people who blindly copy/paste the question from StackOverflow into their code/terminal:

WhY iS ThaT woRSe thAn jUst DoWnlOADing a BinAary???

  1. Downloading the compiled binary from the release page (if you don't want to build yourself) has been a way to acquire software since shortly after the dawn of time. You already know what you're getting yourself into
  2. There are SHA256 checksums of each binary file available in each release on Github. You can confirm the binary was not tampered with by comparing a locally computed checksum to the value in the release's checksums file.
  3. Binaries can also be signed (not that signing keys have never leaked, but it's still one step in the chain of trust)
  4. The install script they're telling you to pipe is not hosted on Github. A misconfigured / compromised server can allow a bad actor to tamper with the install script that gets piped directly into your shell. The domain could also lapse and be re-registered by a bad actor to point to a malicious script. Really, there's lots of things that can go wrong with that.

The point is that it is bad practice to just pipe a script to be directly executed in your shell. Developers should not normalize that bad practice.

you are viewing a single comment's thread
view the rest of the comments
[–] expr@programming.dev 3 points 3 days ago (2 children)

Nix. I use it for everything, including all of my tools I use on my work MacBook.

There are many ways to use nix for this stuff, but personally I use home-manager in a flake-based setup. Versions of tools are all pinned in a lockfile which is committed to source control, so it's easy to get my config and all my tools on a new machine without any breakage (it does require installing first, though).

It's a great tool and has largely solved the pain of dealing with having to work on MacOS, for me.

[–] PartiallyApplied@lemmy.world 1 points 2 days ago (1 children)

Do you know of any Nix projects which are basically nix-but-as-if-was-brew?

I get that this violates the Nix philosophy, but it’s hard convincing collabs to install a root package manager, which has install commands like:

nix profile install nixpkgs/nixos-24.11#hello

I get that it’s flexible, but I would like something more like:

nix install hello

I want three things:

  1. rootless
  2. can manage “casks”
  3. global cli with support for per-project flakes

Do you know if this exists / is being developed?

[–] expr@programming.dev 2 points 2 days ago
  1. Supposedly there's a way to install nix without root access, but I can't speak to it as I've never tried. Ofc it doesn't require sudo to install packages or anything, though.
  2. I don't think it does this right now, largely because it's super fucking complicated (as is basically everything Apple) and homebrew casks themselves have had a ton of headaches around it. But nevertheless, I think home-manager has some workarounds it uses itself to enable many common GUI apps on MacOS.
  3. Not sure exactly what you mean, but I think it does that?

If you want to install packages purely by name, you can use nix-env -i hello or whatever. But it's pretty janky and not really a recommended way of doing things.

[–] lastweakness@lemmy.world 1 points 3 days ago

Nix is a great suggestion and I think i will be using it moving forward as well. Thanks. Ideally I want to use NixOS, do you know if secure boot is still a pain point with NixOS?