Hacker News new | past | comments | ask | show | jobs | submit login

They had multiple issues with opsec in the past. Something that when repeats, makes people skittish. Fool me once and al..



I am not aware of critical issues, but there was indeed a time of confusion, when the dev leadership changed. So sources please for current flaws?


This Github repo has the most common issues I've heard of: https://github.com/arindas/manjarno .

Big ones are: shadiness with funding, letting their SSL certs expire 4 times, and the fact that their idea of stable isn't additional testing, but just letting the packages sit for a week.

There was also a recent kerfluffle not covered there where they shipped a broken kernel to Apple Sillicon users without contacting the Asahi devs: https://twitter.com/AsahiLinux/status/1576356115746459648


Well, the funding issue I find to be quite trivial and of no big concern to me, but the repo issues are indeed something that has bothered me at times, where I ended up modifying repos to get the most up to date ones.

The recommendation from the repo, EndeavourOS sounds interesting, though.


https://www.reddit.com/r/linux/comments/4inrut/manjaros_ssl_...

The link for the post is dead, but they've let their SSL cert expire multiple times. While it happened a few years ago, I find that a hard thing to come back from.


I think the most recent incident was a few months ago...


Good lord.


It literally took them two months to push the critical expat update on aarch64.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: