Piping content from the Internet to bash is a terrible way to distribute applications on Linux, I'd recommend making the official method a Flatpak instead. It'll allow you to sandbox your application, which is good for the user, and it'll handle the integration (e.g. app icon etc) correctly.
No user should ever be urged to install anything with that method, it's unsafe.
Is the issue with telling people to pipe URL output into bash? Or is the issue with any distribution method that isn't flatpak or something similarly privilege-limited?
I see how flatpak is an improvement, but I don't see how piping into bash is any worse than "install this .deb file / npm package / pip package." If the package author wanted to do something malicious, it's just as easy (if not easier) to put the malicious code in the package itself rather than a bash installer for the package.
If the installer is a precompiled binary, not much, though this is mostly a Windows-ism these days.
If we're considering the same batch script: You can read it before running and be sure that the endpoint doesn't dynamically give you different results depending on how you fetch it.
In either case, the proposal here was flatpak, which does provide security benefits like sandboxing.
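The "download to a file, read it, then run that same file" alternative to `curl | sh` that the comment above describes, written out as an added example (not code from any commenter or from the project being discussed). It assumes `curl` and `sha256sum` are available and that the expected hash was obtained out-of-band, e.g. from the project's release page.

```shell
#!/bin/sh
# Added example: fetch an installer once to disk, review it, and execute only
# the file whose SHA-256 matches a hash pinned out-of-band. The server sees a
# plain GET either way, so it cannot serve one script to a browser and another
# to a shell pipeline: the bytes you inspect are the bytes you run.
set -eu

# Download the script to a local file instead of streaming it into sh.
# --proto '=https' refuses any redirect that downgrades to plain HTTP.
fetch_installer() {
    url="$1"; out="$2"
    curl -fsSL --proto '=https' -o "$out" "$url"
}

# Compare the on-disk script against the pinned hash. Returns non-zero on mismatch.
verify_installer() {
    file="$1"; expected="$2"
    actual=$(sha256sum "$file" | cut -d' ' -f1)
    [ "$actual" = "$expected" ]
}

# Execute only a file that has already been reviewed and verified; never the
# network stream itself.
run_verified() {
    file="$1"; expected="$2"
    if ! verify_installer "$file" "$expected"; then
        echo "hash mismatch for $file, refusing to run" >&2
        return 1
    fi
    sh "$file"
}
```

Typical use is `fetch_installer URL install.sh`, read `install.sh` in an editor, then `run_verified install.sh <pinned-sha256>`.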
If you trust the author of the tool you are installing and the installer is by the same author, then why wouldn't you trust the installer too?
> It's 100% trivial to have it run rm or shred on all files you have access to while simultaneously printing correct looking install progress messages.
No user should ever be urged to install anything with that method, it's unsafe.