Is it a good idea to be distributing an exe file in git repos?
See original GitHub issueDescription
I am considering learning F# and .Net (I’m familiar with Haskell and other functional languages). F# seems like a well done language. But I’m a bit surprised with certain practices in packet. For instance you recommend uploading a bootstrapping exe (or even packet.exe) in the .packet
folder of the git repo. This is huge surprise to me because this does not seem like a good idea. How can you run a random executable blob after you clone a git repo? The trust issues just seem too huge to me. Even if the git repo is trustworthy its tough to be sure that the exe does not have bad things in it (the repo owner may have unwittingly added a bad exe to his repo).
You might suggest that packet can be built by source but that is not the default workflow you are suggesting to the users. A shell script that downloads packet.exe might be more palatable than an bootstrapper which is also an exe.
Expected behavior
In many other languages OCaml, Haskell etc. I think there are far saner and safer (by design) practices that seem to be followed and I think packet should encourage that. Maybe I’m a newbie and I don’t understand some things here. Please educate me why I should not worry about executable blobs in my F# git repos.
Issue Analytics
- State:
- Created 5 years ago
- Comments:15 (11 by maintainers)
Top GitHub Comments
Yes it’s bytecode. That’s why it runs cross platform.
Sidharth Kshatriya notifications@github.com schrieb am Di., 19. Juni 2018, 20:28:
@0x53A (As mentioned I’m a newbie to F#/.Net). So the packet.exe here is not windows exe in the traditional sense? Is it more like a java jar file?