mirror of
https://github.com/f-droid/fdroidserver.git
synced 2025-09-13 22:42:29 +03:00
new repo-wide config option for a Binary Transparency Log
A Binary Transparency Log is a append only log of all binaries published by a repo. This is useful for people to find whether the binary they have matches what F-Droid has published, and also makes it more difficult for the published history to be changed without notice, or for a server to give specific users custom malware binaries. https://www.eff.org/deeplinks/2014/02/open-letter-to-tech-companies
This commit is contained in:
Hans-Christoph Steiner
parent
0ef818486d
commit
03ec590989
3 changed files with 101 additions and 0 deletions
|
|
@ -238,6 +238,13 @@ The repository of older versions of applications from the main demo repository.
|
|||
# wiki_user = "login"
|
||||
# wiki_password = "1234"
|
||||
|
||||
# Keep a log of all generated index files in a git repo to provide a
|
||||
# "binary transparency" log for anyone to check the history of the
|
||||
# binaries that are published. This is in the form of a "git remote",
|
||||
# which this machine where `fdroid update` is run has already been
|
||||
# configured to allow push access (e.g. ssh key, username/password, etc)
|
||||
# binary_transparency_remote = "git@gitlab.com:fdroid/binary-transparency-log.git"
|
||||
|
||||
# Only set this to true when running a repository where you want to generate
|
||||
# stats, and only then on the master build servers, not a development
|
||||
# machine.
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue