400+ Arch Linux AUR Packages Compromised in a Supply Chain Attack Deploying Infostealers
(cybersecuritynews.com)
Yeah, that whole unverified developer build installation was always very risky. It's a real shame that so many distros fail to keep up with recent packaging, and that so many development environments have super lax policies on who can post a package to their repositories.
You have to remember these are mostly people volunteering their time and who have entire full time jobs and lives outside of the distro. The amount of money doesn't cover the amount of employees for the amount of work there is. Even amongst the paid individuals, they're typically taking a substantial pay cut from what they could be paid doing something else. Linux is mostly built and maintained from philanthropy and passion.
You are absolutely right, and it's a shame that especially large corporations use open source without giving much back.
Still, the setup of a lot of software repositories and package management is almost comically lax. A little extra effort might do a lot of good, is all I am saying.
You're more than free to donate time. Linux is free monetarily but more importantly it's free as in freedom. You want something, you are free to go get it.