this post was submitted on 18 Oct 2023
13 points (93.3% liked)
General Programming Discussion
7803 readers
1 users here now
A general programming discussion community.
Rules:
- Be civil.
- Please start discussions that spark conversation
Other communities
Systems
Functional Programming
Also related
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
The mojo, cpan and pip bash scripts don't fail my test of "skimming over the source and looking for dangerous external commands like curl or
rm
" (good syntax highlighting is helpful here). They look like typical completion scripts. However, if your Linux distribution has a pip completion script in their repos, prefer that one.Thanks. At least I've got a few clues to look for when auditing such code.