I think the replies saying how terrible this is are missing it. The Linux community is a high-trust community and has continuously earned that trust over and over again. The times when it's been broken are so few it's newsworthy each time it happens.
Anyone who's like "well I don't copy/paste shell code into my terminal" is just virtue signaling. I'm willing to bet their editor Vim/Emacs/VSCode is overflowing with plug-ins and code written by just some guy on Github. I bet they've ran containers that are written by just some guy too.
It's a really cool feature that you can just download a random binary off Github, run it, and not really have to worry about it.
Anyone who's like "well I don't copy/paste shell code into my terminal" is just virtue signaling. I'm willing to bet their editor Vim/Emacs/VSCode is overflowing with plug-ins and code written by just some guy on Github. I bet they've ran containers that are written by just some guy too.
It's a really cool feature that you can just download a random binary off Github, run it, and not really have to worry about it.