vet is a command-line tool that acts as a safety net for the common but risky curl | bash pattern. It lets you inspect remote scripts for changes, run them through a linter, and require your explicit approval before they can execute.
Don't just run it, vet it.
The Problem
We've all seen this pattern for installing software:
# This is convenient, but you're blindly trusting the remote script. curl -sSL https://example.com/install.sh | bash
This is dangerous. The script could be malicious, the server could be compromised, or a transient network error could result in executing a partial script.
The Solution: vet
vet wraps this process in a secure, interactive workflow:
Fetch: It downloads the remote script to a temporary location.
Diff & Review: It shows you what, if anything, has changed since the last time you ran this script.
... continue reading