do you know where the big security holes are on that? Looks like they check the SHAs on the items they download.
historically, package repos have seemed like more of a target. I’d like to see packages signed by maintainers.
-
-
Yup. That was the “general” question I was getting at re:Homebrew. I don’t actually know what the current system does.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.