

with that being the case, correct me if I’m wrong, but your pitch is that users should trust your manually compiled and maintained commands to install things because you’re guaranteeing that the binaries being installed by your commands are from official sources, and that is better (in at least some cases) than cached binaries from something like nixpkgs, where the trust we are asked to give is that the cache is built correctly from source.
source: https://nitter.net/alxfazio/status/1926731799226462646#m