Where to begin… I think numerous sources already discuss what is bad about Amazon, the shopping website, and its CEO. One among many other issues, which I think shows best what Amazon’s values are: for all the resources they have, the Amazon website is terrible to use, and it’s done on purpose. Search filters are useless, promoted products show up everywhere… The website isn’t designed for you to find the things you want, it’s designed for you to buy what somebody else wants to sell. This isn’t a business model I care for, and if that’s what the company is about, I don’t want anything to do with them or any of their products, no matter how good or popular.

Can’t speak for everybody else, but I personally don’t approve of Amazon or any of their services, so I will downvote any content that promotes them, directly or not.

Ironically, it is rustup that triggered me with this most recently… https://www.rust-lang.org/tools/install

Thank you for the nuanced answer!

You ask why I feel this is less secure: it seems the lowest possible bar when it comes to controlling what gets installed on your system. The script may or may not give you a choice as to where things get installed. It could refuse to install or silently overwrite stuff if something already exists. If install fails, it may or may not leave data behind, in directories I may or may not know about. It may or may not run a checksum on the downloaded data before installing. Because it’s a competely free-form script, there is no standard I can expect. For an application, I would read the documentation to learn more, but these scripts are not normally documented (other than “use this to install”). That uncertainty, to me, is insecure/unsafe.

I do, but some of these scripts are quite complex and hard to parse. When all I would really need to do this myself is a direct download URL and unzip/untar in a folder of my choice, it’s a pain.

Indeed, looking at the content of the script before running it is what I do if there is no alternative. But some of these scripts are awfully complex, and manually parsing the odd bash stuff is a pain, when all I want to know is : 1) what URL are you downloading stuff from? 2) where are you going to install the stuff?

As for running the program, I would trust it more than a random deployment script. People usually place more emphasis on testing the former, not so much the latter.