People are afraid of running unaudited `curl | sh`, but nobody bats an eye on 24707 lines of obfuscated garbage in `./configure`.
#xz
This entry was edited (1 month ago)
People are afraid of running unaudited `curl | sh`, but nobody bats an eye on 24707 lines of obfuscated garbage in `./configure`.
#xz
daniel:// stenberg://
in reply to Kornel • • •Kornel
in reply to daniel:// stenberg:// • • •@bagder Sure, but risks of binaries are rather obvious.
./configure seems to have flown under the radar due to counting as “source” despite not being much clearer than a decompiled binary.
To me this is such an unnecessary risk. It’s a slow awkward build system, and the reason it’s like that is due to its only unique selling point: support for platforms so obscure that museums don’t even keep them on display.
daniel:// stenberg://
in reply to Kornel • • •Kornel
in reply to daniel:// stenberg:// • • •To me the most depressing thing is that has always been like that, and there is no hope of it ever getting better, because in C time has stopped in 1989.
daniel:// stenberg://
in reply to Kornel • • •Kornel
in reply to daniel:// stenberg:// • • •Most autotools tests should have been compiler features, or standardized to remove pointless fragmentation. But in C it's impossible to fix even smallest problems on a timeline shorter than a decade or two, status quo is accepted as that just how things have to be. Often there is no will to even try, because it won't be compatible with C89.
daniel:// stenberg://
in reply to Kornel • • •