A place for developers to talk about building on Farcaster.

/dev

folks, can we please fucking stop normalising `curl | bash` as an installation method (yes, I'm also looking at you Foundry)? It's a _massive_ footgun that blindly executes remote code with zero verification. You're literally giving arbitrary internet bytes root access to your machine. This bypasses _decades_ of hard-earned lessons about secure software distribution. Just vibes and a prayer that the server wasn't compromised five minutes ago. If you're building tooling for developers, do better. If you're a developer using this, you know better.

𝐖𝐨𝐫𝐤𝐢𝐧𝐠 𝐨𝐧 𝐰𝐡𝐚𝐭'𝐬 𝐧𝐞𝐱𝐭.

https://github.com/pcaversaccio

the alternative would be package managers?