vet it.Stop blindly piping to bash. vet lets you inspect remote scripts for changes, run them through a linter, and require your explicit approval before they can execute.
We've all seen this pattern for installing software:
# You're blindly trusting the remote script.curl -sSL https://example.com/install.sh | bash
This is dangerous. The script could be malicious, the server could be compromised, or a transient network error could result in executing a partial script.
vet wraps this process in a secure, interactive workflow:
Fetch: It downloads the remote script to a temporary location.
Diff & Review: It shows you what, if anything, has changed since the last time you ran this script.
Lint: If you have shellcheck installed, it automatically analyzes the script for potential bugs or malicious patterns.
Confirm: It prompts you for explicit approval before executing anything.
# The new, safer way.vet https://example.com/install.sh
In your terminal, run:
curl -sL https://getvet.sh | sh