Zerush@lemmy.ml to Open Source@lemmy.ml · 2 years agoOver 100,000 Infected Repos Found on GitHubapiiro.comexternal-linkmessage-square26linkfedilinkarrow-up1208arrow-down14
arrow-up1204arrow-down1external-linkOver 100,000 Infected Repos Found on GitHubapiiro.comZerush@lemmy.ml to Open Source@lemmy.ml · 2 years agomessage-square26linkfedilink
minus-squaredelirious_owl@discuss.onlinelinkfedilinkarrow-up20arrow-down3·2 years agoFriends dont let friends install software that isn’t signed. Use apt.
minus-squarePantherina@feddit.delinkfedilinkarrow-up12·edit-22 years agoLol apt Or to frame it differently, use a package manager and not appimages etc.
minus-squaredelirious_owl@discuss.onlinelinkfedilinkarrow-up4arrow-down1·2 years agoAppImages actually do have (optional) support for signatures.
minus-squarePantherina@feddit.delinkfedilinkarrow-up2·2 years agoThey have no update feature afaik, how does this work? What verified this signature, the user?
minus-squaredelirious_owl@discuss.onlinelinkfedilinkarrow-up2·2 years agoIts a subcommand of the AppImage. The developer adds the signature to the AppImage and the user verifies it after download with the subcommand.
minus-squarePantherina@feddit.delinkfedilinkarrow-up1·2 years agoThats nice, didnt even know there was an interface for managing appimages?
minus-squareandreas@lemmy.korfmann.xyzlinkfedilinkarrow-up3·2 years agoI mean, yeah but not everything is available over apt. I try to use it whenever I can though
Friends dont let friends install software that isn’t signed.
Use apt.
Lol apt
Or to frame it differently, use a package manager and not appimages etc.
AppImages actually do have (optional) support for signatures.
They have no update feature afaik, how does this work? What verified this signature, the user?
Its a subcommand of the AppImage. The developer adds the signature to the AppImage and the user verifies it after download with the subcommand.
Thats nice, didnt even know there was an interface for managing appimages?
I mean, yeah but not everything is available over apt. I try to use it whenever I can though