• erAckA
    link
    fedilink
    arrow-up
    2
    ·
    9 months ago

    If you installed the original legit package it can’t be updated with such fake one (without uninstalling and installing the bad one) as the signatures won’t match. If you initially install the bad package then yes of course.