• magikmw@lemm.ee
    link
    fedilink
    English
    arrow-up
    5
    ·
    1 year ago

    Winget is pretty cool, but I’m not sure how it works exactly. The package sourcing, like anything Microsoft does is a bit sus and I’m worried it’s crowdsourced.

    It’s great for passively checking for new versions of most software you got installed, won’t argue with that.

    • rtxn@lemmy.world
      link
      fedilink
      English
      arrow-up
      5
      ·
      1 year ago

      It’s like a more curated AUR. Winget looks up the manifest (PKGBUILD equivalent) from its repo and executes its instructions. It usually downloads an installer, then executes it silently. The binaries may or may not be validated by Winget, and are mostly blobs, so exercise as much caution as with the AUR.