zlacker

"curl | sudo sh" refers to the installation instructions found in many projects these days that try to make installation easier by telling users to download a setup script (curl) and then run it with elevated privileges (sudo sh). This foregoes the usual packaging systems and makes interoperability easier but some people rightly point out that this is very unsafe as it teaches users to execute arbitrary code from the web with full access to their machine. The real-world threat scenarios this actually presents are of course debatable (e.g. most of them also apply to downloadable installers in general).

The mention of JavaScript is just the usual programming language elitism. JavaScript started as a language for web programming (technically it was first used for server-side scripting before being implemented in browsers) so it's "not a real programming language" and therefore "not used by real programmers" so software using it is bad.

Of course there are alternatives to Home Assistant, like OpenHAB, which is written in Java and comes with all the UX typically associated with Java projects. It's not necessarily worse but most people would probably prefer HA's auto-discovery over OpenHAB's approach of granularly defining every single property