/hysp-pkgs

🌿 Package information to install via hysp package manager

Primary LanguageShellMIT LicenseMIT


Statically Compiled Binaries (Packages) for Hysp🌷

  • 📦 Status

🧰 Architecture 🧰 📦 Total Packages 📦 📝 Detailed List 📝 ⏬ Upstream Source ⏬ 🇨🇭 WorkFlows 🇨🇭
Linux amd // x86_64 1017 x86_64.md Azathothas/Toolpacks/x86_64 🛍️ (x86_64)⚙️ Daily 📦 Metadata 🗄️
Linux aarch64 // arm64 753 aarch64_arm64.md Azathothas/Toolpacks/aarch64_arm64 🛍️ (aarch64_arm64) ⚙️ Daily 📦 Metadata 🗄️
Windows x64 // AMD64 158 x64_Windows.md Azathothas/Toolpacks/x64_Windows 🛍️ (x64_Windows) ⚙️ Daily 📦 Metadata 🗄️
  • Raw metadata containing info for all packages is available as json & toml
  • ./pkgs only contains a couple of test packages. Everything is hosted at : Azathothas/Toolpacks

  • 🚧 Security ⚙️

It is never a good idea to install random binaries from random sources.

  • Check these HackerNews Discussions

Hysp offers the following sane-defaults:

  • CheckSums

Hysp requires either blake3sum / sha256sum in $BINARY_SOURCE.toml & always verifies them to ensure nothing has been tampered with.

  • Transparency

Hysp is completely open-source. And so is the default pkg-source. The upstream repos that it uses as source are also completely open-source. You are free to audit & scrutinize everything.

!# PKG Metadata
# Everything is automated via Github Actions & Scripts
Repo --> https://github.com/metis-os/hysp-pkgs
WorkFlows --> https://github.com/metis-os/hysp-pkgs/tree/main/.github/workflows
Scripts --> https://github.com/metis-os/hysp-pkgs/tree/main/.github/scripts

!# Upstream Source
# Everything is automated via Github Actions & Build Scripts
Repo --> https://github.com/Azathothas/Toolpacks
WorkFlows --> https://github.com/Azathothas/Toolpacks/tree/main/.github/workflows
Build Scripts --> https://github.com/Azathothas/Toolpacks/tree/main/.github/scripts
  • Self-Hostable : Hysp offers you to completely self-host the backend from where it fetches the binaries. If you do not trust the default pkg-source, you can configure hysp to only use your source, hosted on your own servers.
  • A note on hysp allowing http-only sources
  • Hysp will allow you to host your pkg-source repo anywhere & doesn't require http as it uses the checksums to verify the hashes.
  • However, this decision to allow http-only sources is enabled for legacy compatibility reasons or in case you want hysp to use a HTTP_PROXY.
  • Never host both your data/*.toml & source binaries on http-only server. This will expose you to MITM as an attacker could tamper with both the checksums & binaries. Hysp will not be resposible for where you host your binaries or what kind of binaries you run.
  • You hold all responsibilities if you host the PKG Sources yourself.
  • Check this hacker-news discussion: https://news.ycombinator.com/item?id=38457926#38473604

Support 💌

I am a student currently attending university. I like working for Open Source in my free time. If you find my tool or work beneficial, please consider supporting me via KO-FI or ESEWA* (Nepal only), Or by leaving a star ⭐ ; I'll appreciate your action :)

  • License ㊙️

Everything is license under the MIT except for the packages... They hold their own livess :oOO

Copyright © 2023 pwnwriter xyz ☘️