Our great sponsors
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
winget-cli
WinGet is the Windows Package Manager. This project includes a CLI (Command Line Interface), PowerShell modules, and a COM (Component Object Model) API (Application Programming Interface).
The FlatHub review process (e.g. GH-3771) is only for it to get working, not vetting for malicious purposes, and even if the first recipe is benign, the uploader has complete control over future versions, thus FlatHub defers all responsibilities to the users. On the other hand, only a collective of people has write access to a distro, which enable the possibility to trust (or not trust) it as a whole based on its reputation.
It could be modified to be malicious after approval, but then the admins can mark it as EOL which shows a warning at install time (happened during the polymc drama for example)
There is also winget these days