I agree that debs that were audited and distributed in the package manager are better in that way. I guess my objection is that "curl https://getmic.ro | bash" often gets a hostile reaction here on HN whereas "wget https://github.com/zyedidia/micro/releases/download/v2.0.10/... && dpkg -i micro-2.0.10-amd64.deb" does not.

The latter absolutely should get just as hostile a reaction. The only thing it provides you over the former is that it at least guarantees you that the author went to the trouble of creating a deb.

Actually, it should probably get even more hostile a reaction, since installing it that way usually means you won't get any updates for it. If you absolutely must install software from a (trusted) source other than your distribution, adding a source and then using `apt` is the way to go.

If you need to install from the author's site, that means that there is no Deb available in the official repos, or that it's outdated. In both cases, you end up installing something that the author compiled.

The reality is you need to install a random PPA or download a random deb from the author's website, github, etc. because the debian release is woefully out of date. So you're back to installing random binaries again.

If you need the latest available versions of the software you use, you should probably use a distribution that has that as a goal. Debian is built with the intention of providing stability, under the assumption that most of its users can afford to go a couple of years without feature updates in the software they use.