this post was submitted on 16 Jun 2026
180 points (98.9% liked)
Linux
14018 readers
399 users here now
A community for everything relating to the GNU/Linux operating system (except the memes!)
Also, check out:
Original icon base courtesy of lewing@isc.tamu.edu and The GIMP
founded 3 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
They should straight up take it down. This is affecting their distro's, and Linux's reputation.
It's a USER repository, where you literally download install files from unverified strangers.
There's a reason all the AUR helpers prompt you to verify all the files before they will build or install anything.
It’s still hosted on archlinux.org.
However “YMMV” the scripts are intended to be, they can’t host throngs of malware on their domain.
…Well, I guess they could if they want to become the next npm, but it still seems like a legal liability.
I’m not saying it should be taken down, but the status quo is definitely no longer acceptable.
THANK YOU!