The only stupid question is the one you don’t ask.
First, I don’t like calling proprietary software “official”. Proprietary software is just software with closed source code. What makes something official is someone deciding “OK, this is what we are going to use” or that it definitely came from a particular source. Getting Docker directly from Docker repositories rather from a distributions repository for example.
My general take is if FOSS can do the job, I use FOSS. If FOSS can’t do the job I need, then I will go with the best proprietary solution to my problem. If I go with FOSS, I tend to prefer using the repository of the project in question rather than my distributions repository. The projects repository tends to be more up to date and there are fewer opportunities for ba actors to play with the code. Downside is that these repositories may introduce changes that may bork your OS when/if you upgrade to a newer major version. FlatPacks and AppImages help to mitigate this.
Hope that helps.
Not familiar with the site, but it sounds like some one uploaded something directly related either to WMDs or the manufacture of drugs. Otherwise I suspect they would have used the provisions related to copyright infringement.
Knowledge related to both are publicly available, and the tech is simple enough that even a southern high schooler could build something truely nasty, but if it is too directly related…. Well, the people that do the day to day work of the government aren’t completely stupid. The best they can do, though, is try to keep the knowledge out of sight, out of mind.