People often discourage users from using PPAs because the PPA may potentially contain libraries and packages which may break the system.
I have been using PPAs since 2010, and never encountered a problem (of course, I check whether a PPA hosts any suspicious packages before adding it).
Usually developers make PPAs to help others install a software, not to break their systems. Also, the packages need to be digitally signed, and this way, the person who packaged something fishy can be traced back.
I am wondering whether "PPAs are harmful" is a common problem faced by many, or it is a popular belief which people spread (without much evidence).
I want to ask about some facts (so that the question does not become "opinion based").
- Has there been any malicious PPA so far? By malicious, I mean something which is intentionally packaged to create a dependency hell, or something that will mess up with the home or
/
directory with the postinstall script, or something that broke the installation.
(Since the question was closed due to being opinion based, I am looking for examples of such harmful PPAs, so that it can be answered with facts).
- Is there any way a user can report a potentially harmful PPA in Launchpad?
By PPA, I am referring to a PPA hosted in Launchpad, not any third party repository hosted in any website.