Statically Compiled Binaries (Packages) for Hysp🌷
🧰 Architecture 🧰 | 📦 Total Packages 📦 | 📝 Detailed List 📝 | ⏬ Upstream Source ⏬ | 🇨🇭 WorkFlows 🇨🇭 |
---|---|---|---|---|
Linux amd // x86_64 |
1017 | x86_64.md | Azathothas/Toolpacks/x86_64 | |
Linux aarch64 // arm64 |
753 | aarch64_arm64.md | Azathothas/Toolpacks/aarch64_arm64 | |
Windows x64 // AMD64 |
158 | x64_Windows.md | Azathothas/Toolpacks/x64_Windows |
- Raw
metadata
containing info for all packages is available asjson
&toml
- ./pkgs only contains a couple of test packages. Everything is hosted at : Azathothas/Toolpacks
It is never a good idea to install random binaries from random sources.
- Check these
HackerNews Discussions
Hysp offers the following sane-defaults:
CheckSums
Hysp requires either
blake3sum
/sha256sum
in$BINARY_SOURCE.toml
& always verifies them to ensure nothing has been tampered with.
Transparency
Hysp is completely open-source. And so is the default pkg-source. The upstream repos that it uses as source are also completely open-source. You are free to audit & scrutinize everything.
!# PKG Metadata # Everything is automated via Github Actions & Scripts Repo --> https://github.com/metis-os/hysp-pkgs WorkFlows --> https://github.com/metis-os/hysp-pkgs/tree/main/.github/workflows Scripts --> https://github.com/metis-os/hysp-pkgs/tree/main/.github/scripts !# Upstream Source # Everything is automated via Github Actions & Build Scripts Repo --> https://github.com/Azathothas/Toolpacks WorkFlows --> https://github.com/Azathothas/Toolpacks/tree/main/.github/workflows Build Scripts --> https://github.com/Azathothas/Toolpacks/tree/main/.github/scripts
Self-Hostable
: Hysp offers you to completely self-host the backend from where it fetches the binaries. If you do not trust the default pkg-source, you can configure hysp to only use your source, hosted on your own servers.
- A note on hysp allowing
http-only
sources
- Hysp will allow you to host your pkg-source repo anywhere & doesn't require http as it uses the checksums to verify the hashes.
- However, this decision to allow http-only sources is enabled for legacy compatibility reasons or in case you want hysp to use a HTTP_PROXY.
- Never host both your data/*.toml & source binaries on http-only server. This will expose you to
MITM
as an attacker could tamper with both the checksums & binaries. Hysp will not be resposible for where you host your binaries or what kind of binaries you run.- You hold all responsibilities if you host the PKG Sources yourself.
- Check this hacker-news discussion: https://news.ycombinator.com/item?id=38457926#38473604
-
📟 @pwnwriter 📟
I am a student currently attending university. I like working for Open Source in my free time. If you find my tool or work beneficial, please consider supporting me via KO-FI or ESEWA* (Nepal only), Or by leaving a star ⭐ ; I'll appreciate your action :)
Everything is license under the MIT
except for the packages...
They hold their own livess :oOO
Copyright © 2023 pwnwriter xyz ☘️