Zerush@lemmy.ml to Open Source@lemmy.ml · 9 个月前Over 100,000 Infected Repos Found on GitHubapiiro.comexternal-linkmessage-square26fedilinkarrow-up1208arrow-down14
arrow-up1204arrow-down1external-linkOver 100,000 Infected Repos Found on GitHubapiiro.comZerush@lemmy.ml to Open Source@lemmy.ml · 9 个月前message-square26fedilink
minus-squarePantherina@feddit.delinkfedilinkarrow-up12·edit-29 个月前Lol apt Or to frame it differently, use a package manager and not appimages etc.
minus-squaredelirious_owl@discuss.onlinelinkfedilinkarrow-up4arrow-down1·9 个月前AppImages actually do have (optional) support for signatures.
minus-squarePantherina@feddit.delinkfedilinkarrow-up2·9 个月前They have no update feature afaik, how does this work? What verified this signature, the user?
minus-squaredelirious_owl@discuss.onlinelinkfedilinkarrow-up2·9 个月前Its a subcommand of the AppImage. The developer adds the signature to the AppImage and the user verifies it after download with the subcommand.
minus-squarePantherina@feddit.delinkfedilinkarrow-up1·9 个月前Thats nice, didnt even know there was an interface for managing appimages?
Lol apt
Or to frame it differently, use a package manager and not appimages etc.
AppImages actually do have (optional) support for signatures.
They have no update feature afaik, how does this work? What verified this signature, the user?
Its a subcommand of the AppImage. The developer adds the signature to the AppImage and the user verifies it after download with the subcommand.
Thats nice, didnt even know there was an interface for managing appimages?