|
|
|
|
|
|
by anfragment
924 days ago
|
|
|
Hello HN! Having just posted the app to a couple of small subreddits before sleep and then waking up to being on the front page over here is quite an experience :) I was hoping to make a Show HN post after giving Zen a bit more polish, but I guess here we are. Thanks for all the constructive feedback. I totally share your concerns about its security and likewise wouldn't use some unverified application trying to install a root CA on my system. For those wanting to audit the certificate generation and installation code, feel free to take a look at certmanager/get.go and certmanager/install_{platformname}.go. It is mostly self-contained and, I hope, easy to understand. The lack of any instructions on how to delete the certificate is an oversight on my part, and I'll be working on this. Regarding the binaries: all of them are built on GitHub's CI. I wish there was a way for users to verify this fact, but to my knowledge, there is no way to do that currently. You can run and build the app yourself using Wails (https://wails.io/docs/gettingstarted/installation). I'll be sure to add more instructions to the repo in the coming days. As always, any feedback, help, and suggestions are much welcome. |
|
|
https://www.sigstore.dev/