On Tue, 14 Jun 2022 19:25:41 +0200 cagsm <cumandgets0mem00f@gmail.com> wrote:
a yast repositories gui comes up and it kind of shows like tens of repos its trying to add lot of stuff scary to me? <https://paste.opensuse.org/46477611>
Why this huge difference to that single repo that is given in the expert details on software opensuse org
Exactly, WHY add a dozen repos? I just download, park in a folder of my own choice, insert that folder as a repo in Yast and done. But the underlying question isn't just a check to see if the file had been changed enroute, it's a check on whether the original author is trustable at all and there's no way of knowing that unless you know the person! I'm willing to risk using binaries from Suse, that's *already a compromise* compared to compiling, but that's where it ends. Flatpacking 'could' be the future answer for many reasons but if ever I install a binary flatpack it will have to come from Suse as well. BTW since when does a flatpack have to be binary? Right now hundreds wanna become the github of the future, millions of clickmoney waiting, but github is no more trustworthy than a used car salesman called Honest Igor :-) -- Oh Lord of the Keyrings on high, have I got bad news for you: the word trust is nowhere to be found in my security dictionary.