Pub/Priv keys
What the bullshit it is. Take the one from FlatHub
as example. Simp[le things are meant to be simple, not complicated.
Theory
Publicly available replacement of docker and similar. Not that docker is ay good, just YAS
SDK, as name suggests, should aim in:
Helping people build apps, services, etc upon source service in easy-to-follow and understand way.
Ok, lets put this to test.
Practice
Setting up
We will work inside virtual machine (VM
). Just to be safe from shitters like maintainers
. Our OS
of choice is Debian Server
. Our hypervisor is DVM
, our ToC is HSD
(ssd
sucks).
Now, just:
sudo chmod a+x fp-getenvready.sh
./fp-getenvready.sh
You should see prompt
from VM. You are all set :)
Getting work done
We will use
JavaScript
from now on, however, you may use whatever language you feel most comfortable with.
Prep work
Once inside VM:
mkdir -p {projects/${"cat /etc/os-release | grep -aA "OS"\"}
sudo chmod 0777 -R projects/
Initiating a (secure?) connection
Once your VM
is up&running, its time to initiate connection with flathub's main devserver
and start outing some code.
What the above code does?
generates
public<>private
key pair,use them to register an account on
api.flathub.com
stores it locally
Is it really secure?
Short answer: not really!
Long: answer follows:
One of the main contributors to SDK and its unerlaying techstack is Mozilla. Its well known fact that Mozilla gives a complete, utter fuck to users and their security. It as been like this since begining.