|
|
|
|
|
|
by azathothas
935 days ago
|
|
|
Hi, I am the package maintainer for https://github.com/metis-os/hysp-pkgs (The default source that's shipped with hysp) To address your concerns:
1. Yes, no portable toolchains or any other kinds of dependencies are required. 2. Each & every single binary is statically compiled. This is the core at philosophy of Hysp. A single binary that runs anywhere. 3. Currently, there's about 200 pkgs for x86_64 & arm64 each. The upstream source (https://github.com/Azathothas/Toolpacks) has over 400 for x86_64 & 300+ for arm64, which will slowly be added to Hysp-Pkgs. 4. As installing random binaries from random sources is not advisable due to security concerns, the pkg-source can be self-hosted by anyone and hysp can be configured to use that instead of the default source. |
|
|
Regarding the packages, those are very respectable numbers... But who is maintaining them? It takes a lot of effort to maintain a repo up to date, with patches both functional and security related. This is in most distros a full time job for a group of people. For comparison pkgsrc has 19444 packages, and it takes a substantial effort to keep up to date.
Regarding 4... I am not sure about your angle there... "Running random binaries" is risky. Technically hysp is a random binary itself, from a random source. I don´t know who you are, and even in that case any certification of authority is best efforts. You can´t certify that the code you built has not been compromised... This is a tough problem, good ideas are still needed!
OTOH, maybe you could leverage the work of the pkgsrc team to increase the number of available packages, traceability, and portability! Join forces! Synergy!!!!