Awesome
<!-- This can be changed --> <p align="center"> <a href="https://github.com/metis-os/hysp-pkgs"> <img src="https://github.com/metis-os/hysp-pkgs/assets/58171889/0bdc0282-e018-4bdc-adfd-391392771ff4" width="400"></a> <br> <b><strong> <a href="https://github.com/Azathothas/Toolpacks">Statically Compiled Binaries</a> (Packages) for <a href="https://github.com/pwnwriter/hysp">Hysp</a>🌷</code></strong></b> <br> <img src="https://raw.githubusercontent.com/catppuccin/catppuccin/main/assets/palette/macchiato.png" width="500" /> </p><!-- DO NOT CHANGE -->
-
📦 Status
🧰 Architecture 🧰 | 📦 Total Packages 📦 | 📝 Detailed List 📝 | ⏬ Upstream Source ⏬ | 🇨🇭 WorkFlows 🇨🇭 |
---|---|---|---|---|
Linux amd // x86_64 | 1017 | x86_64.md | Azathothas/Toolpacks/x86_64 | |
Linux aarch64 // arm64 | 753 | aarch64_arm64.md | Azathothas/Toolpacks/aarch64_arm64 | |
Windows x64 // AMD64 | 158 | x64_Windows.md | Azathothas/Toolpacks/x64_Windows |
- Raw
metadata
containing info for all packages is available asjson
&toml
- ./pkgs only contains a couple of test packages. Everything is hosted at : Azathothas/Toolpacks
-
🚧 Security ⚙️
It is never a good idea to install random binaries from random sources.
- Check these
HackerNews Discussions
Hysp offers the following sane-defaults:
CheckSums
Hysp requires either
blake3sum
/sha256sum
in$BINARY_SOURCE.toml
& always verifies them to ensure nothing has been tampered with.
Transparency
Hysp is completely open-source. And so is the default pkg-source. The upstream repos that it uses as source are also completely open-source. You are free to audit & scrutinize everything.
!# PKG Metadata # Everything is automated via Github Actions & Scripts Repo --> https://github.com/metis-os/hysp-pkgs WorkFlows --> https://github.com/metis-os/hysp-pkgs/tree/main/.github/workflows Scripts --> https://github.com/metis-os/hysp-pkgs/tree/main/.github/scripts !# Upstream Source # Everything is automated via Github Actions & Build Scripts Repo --> https://github.com/Azathothas/Toolpacks WorkFlows --> https://github.com/Azathothas/Toolpacks/tree/main/.github/workflows Build Scripts --> https://github.com/Azathothas/Toolpacks/tree/main/.github/scripts
Self-Hostable
: Hysp offers you to completely self-host the backend from where it fetches the binaries. If you do not trust the default pkg-source, you can configure hysp to only use your source, hosted on your own servers.
- A note on hysp allowing
http-only
sources
- Hysp will allow you to host your pkg-source repo anywhere & doesn't require http as it uses the checksums to verify the hashes.
- However, this decision to allow http-only sources is enabled for legacy compatibility reasons or in case you want hysp to use a HTTP_PROXY.
- Never host both your data/*.toml & source binaries on http-only server. This will expose you to
MITM
as an attacker could tamper with both the checksums & binaries. Hysp will not be resposible for where you host your binaries or what kind of binaries you run.- You hold all responsibilities if you host the PKG Sources yourself.
- Check this hacker-news discussion: https://news.ycombinator.com/item?id=38457926#38473604
<!-- This can be changed -->
-
📟 @pwnwriter 📟
<a name="support"></a>
Support 💌
I am a student currently attending university. I like working for Open Source in my free time. If you find my tool or work beneficial, please consider supporting me via KO-FI or ESEWA* (Nepal only), Or by leaving a star ⭐ ; I'll appreciate your action :) <a name="license"></a>
-
License ㊙️
Everything is license under the MIT
except for the packages...
They hold their own livess :oOO