I created a script that always installs apps from their official source
https://github.com/Tsu-gu/appfetch/
It’s a proof of concept of an idea I had a while ago. I dislike having to hunt down apps for my Linux machine when I want them from an official source. Some apps are packages as tarballs, some as .debs, some as install scripts that download a binary, some are flatpaks and snaps.
I created a yaml file with only verified apps from flathub and snapcraft, and added a few apps outside of them that I could think of.
The ultimate goal is the user just typing the names of what they want, and the script will just get it. They shouldn’t waste time with picking the right source.
If you want to build from source, this brings nothing of value. Nix has pretty much everything.
with that being the case, correct me if I’m wrong, but your pitch is that users should trust your manually compiled and maintained commands to install things because you’re guaranteeing that the binaries being installed by your commands are from official sources, and that is better (in at least some cases) than cached binaries from something like nixpkgs, where the trust we are asked to give is that the cache is built correctly from source.
I like to get software directly from the developers, and this just makes it easier. I don’t want to compile anything, and I don’t mind any of the package formats. I just don’t like that every app uses a different one so it’s a pain in the ass to install them.
Whether you trust the list not to execute malicious commands is up to you.