That was my first thought as well, but I will say that uBlue distros had a signing issue preventing updates recently, due to an oversight with how they rotated their image signing keys, and the easiest (maybe only?) solution was to pipe a curl command to sh. Even though uBlue is trustworthy, they still recommended inspecting the script, which was only a few lines of code.
In this case, though, I dunno why they don’t just package it as a flatpak or appimage or put it up on cargo.
Edit: nvm, they have some package manager options.
That was my first thought as well, but I will say that uBlue distros had a signing issue preventing updates recently, due to an oversight with how they rotated their image signing keys, and the easiest (maybe only?) solution was to pipe a curl command to
sh
. Even though uBlue is trustworthy, they still recommended inspecting the script, which was only a few lines of code.In this case, though, I dunno why they don’t just package it as a flatpak or appimage or put it up oncargo
.Edit: nvm, they have some package manager options.