The exploit isn't a general risk of package management, but a weakness in scripted pull request handling. GitHub is the problem, and not for the first time (remember the Homakov exploit?). Homebrew is quite similar to…
The exploit isn't a general risk of package management, but a weakness in scripted pull request handling. GitHub is the problem, and not for the first time (remember the Homakov exploit?). Homebrew is quite similar to…