> curl -fsSL https://raw.githubusercontent.com/grzegorz-raczek-unit8/clau... | bash
Can we stop with this way of installing things? This is already on brew and it’s a menu bar app. Just let me download it instead of executing some arbitrary bash script
When did this trend start?
I need to turn this into a blog post at some point:
Some of my early bad experiences with Linux arose because I installed software in ways that broke the system quite impressively. This taught me that with most Linux systems, you are not really supposed to just download random packages and shoe-horn them into your system. Or blindly compile and sudo make install things that could conflict with already-installed software.
The curlpipe pattern feels like a return to YOLO'ing your software installations, like the bad old Windows days where any INSTALL.EXE could overwrite another program's DLLs, wherever they lived on the disk. I trust the developers of my operating system to know what they are doing when they package software for it because most Linux distro communities have a vetting or code review process. I even sometimes trust people and projects who build their own packages for my distro and host them in their own third-party repo. Because that alone shows they probably have learned the bare minimum of things necessary to not break their users' systems.
But a curlpipe script? In my experience, the percentage of developers on GitHub who can write decent Python or Javascript code, and yet don't understand the basic concepts of The Unix Way and how to write safe, portable shell scripts is Very High. I am not going to hand control of my computer over to a random shell script on the Internet, end of story. If your program is any good, provide some generic hand-written instructions on how to build and/or install it, and I will follow those so that I can vet or modify each step as needed. I don't have time in my life to code review your shell script for a project that I was only mildly interested in to begin with.
Agree, and a lot of software on Mac tends to do the same thing: Codex, Claude Code, and so on. Fortunately, it’s just one of many options, and we can use Homebrew in 95% of cases.
P.S. Installing Homebrew is also officially done by running a shell script from GitHub.
While I agree it's not super safe, even CC is installed this way: https://code.claude.com/docs/en/quickstart
Funny you should mention homebrew in this complaint.