Nostr Web Client

Very cool! 😎

But also, how do you prevent ingesting malicious APKs? 😵‍💫

Good question! Each APK needs to be added manually and so it's vetted. With updates to the UI we'll start making these things more clear. And next year integrating DVMs to help with these checks.

The idea is to bring many more FOSS apps that are not as releases on Github.

In reality this doesn't change much from the current practice of ingesting Github releases. Some of those could theoretically be compromised.

Reply to this note

Please Login to reply.

Discussion

Zapstore 1y ago

*I didn't mean the APK, but the recipe on how to fetch version and artifact, so once it's set up we automate that

ContrarianAgrarian 1y ago

Ah, that makes more sense