add notice on security best practice of piping to bash

foundry-rs · Jan 14, 2025 · 3672e44 · 3672e44
1 parent 75a0875
commit 3672e44
Showing 1 changed file with 10 additions and 2 deletions.
diff --git a/src/announcements.md b/src/announcements.md
@@ -4,7 +4,7 @@ Stay up to date with the latest changes to Foundry.
 
 ## 🚨 Actions required
 
-Upgrade your installation of Foundryup!
+Upgrade your installation of `foundryup`!
 
 Run: `curl -L https://foundry.paradigm.xyz | bash`
 
@@ -26,7 +26,15 @@ Big shoutout to the Foundry community - your bug reports, feature requests and c
 
 Run: `curl -L https://foundry.paradigm.xyz | bash`
 
-After updating you'll be able to update to the latest version of `foundryup` by running `foundryup --update`.
+As a security best practice it is recommended you manually follow the [redirect](https://foundry.paradigm.xyz), inspect the [installer](https://raw.githubusercontent.com/foundry-rs/foundry/master/foundryup/install) you are about to run and the new version of [`foundryup`](https://raw.githubusercontent.com/foundry-rs/foundry/master/foundryup/foundryup) you are about to install.
+
+After the initial update you'll be able to update to the latest version of `foundryup` using:
+
+```sh
+foundryup --update
+```
+
+by running `foundryup --update`.
 
 #### How do I install multiple versions?