I mean technically so are repos to some extent. Many of them have very few maintainers and you are basically just blindly trusting that they won’t both miss anything malicious nor be the cause of it.
A little safer but not some ultimate Bastion of safety
I mean technically so are repos to some extent. Many of them have very few maintainers and you are basically just blindly trusting that they won’t both miss anything malicious nor be the cause of it.
A little safer but not some ultimate Bastion of safety
Not really as repos go thought testing and most distros have reproducible builds.
AUR packages can be submitted by anyone with no testing or validation for the most part.