Well, yes and no. If you’re using any graphical utility to install software, you’re already using something similar, since the actual package manager in a distro is usually a commandline utility, and you’re using a wrapper around it. Those unofficial package managers don’t actually mess with your system files (at least for the most part), they just look at package lists, dependencies, and automatically build AUR packages as necessary before handing everything off to the actual package manager.
The scary bit isn’t the package manager being unofficial, it’s how it puts untrusted packages on the same level as trusted packages, letting you install it unknowingly.
Oh, so it’s like a second, unofficial Software Manager. That sounds scary.
Well, yes and no. If you’re using any graphical utility to install software, you’re already using something similar, since the actual package manager in a distro is usually a commandline utility, and you’re using a wrapper around it. Those unofficial package managers don’t actually mess with your system files (at least for the most part), they just look at package lists, dependencies, and automatically build AUR packages as necessary before handing everything off to the actual package manager.
The scary bit isn’t the package manager being unofficial, it’s how it puts untrusted packages on the same level as trusted packages, letting you install it unknowingly.
Gotcha, thanks for the explanation. I’m sure something has been done about it by now!