hanzala123 / arch2appimage

This is a Python script that downloads Arch Linux packages (Official/Chaotic AUR) and converts them to an AppImage executable
GNU General Public License v3.0

Unknown binary files kept inside repository #1

Open Wint3rmute opened 1 year ago

Wint3rmute commented 1 year ago

Hey,

First of all, great work! I haven't used your script myself, however I think that the overall idea is great for people using non-Arch distros.

However, I've noticed a few problems which could potentially discourage other people from using your project:

First of all, you're storing binary files in the repository - appimagetool and libunionpreload.so, both in the resources folder. Such binaries cannot be audited as they have already been compiled. Most users would prefer to know what exact code they are running on their personal machines; binary files will definitely be a red light for them.

I would suggest using a script that would download those binaries from a known source (I'm guessing you're getting them from Arch repos, but I cannot tell as there is no documentation regarding them).


Secondly, and this is a minor problem, consider using a .gitignore file so that your __pycache__ and other temporary files are not uploaded into your repository.

Let me know if I can resolve some of those issues for you in a PR and have a great day!

ghost commented 1 year ago

Great point - I have uploaded a .gitignore file. I am new to this, so any help is appreciated.

Wint3rmute commented 1 year ago

Sure, I'll try to read through your script to understand the role of those binaries.

Hopefully I'll be able to come up with a PR this week

Wint3rmute commented 1 year ago

Oh, and about this .gitignore you've added - since the __pycache__ files are already tracked in your repository (because you've uploaded them onto GitHub), you'll have to remove them with git rm.

ghost commented 1 year ago

OK, done!

hanzala123 commented 1 year ago

Hi, I am the original creator of this. The URLs of the binaries are actually included in config.py (the last 2 lines). I will try to add some documentation around this in the next update. Thank you for your suggestion.
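
Added example, not code from the arch2appimage repository or from any participant in this thread: one way to carry out the suggestion of downloading appimagetool and libunionpreload.so from a known source instead of committing them. It assumes a SHA-256 digest is pinned next to each URL (the thread does not mention digests); fetch_pinned, DigestMismatch and the file:// stand-in source in demo() are hypothetical names and constructed data.

```python
import hashlib
import os
import tempfile
import urllib.request
from pathlib import Path


class DigestMismatch(Exception):
    """Download did not match its pinned SHA-256."""


def fetch_pinned(url, expected_sha256, dest, mode=0o644):
    """Stream url into dest (a Path) only if its SHA-256 equals the pinned digest."""
    dest.parent.mkdir(parents=True, exist_ok=True)
    digest = hashlib.sha256()
    # Temp file in the target directory: a rejected download never gets the real name.
    fd, tmp = tempfile.mkstemp(dir=dest.parent, prefix=dest.name + ".")
    try:
        with os.fdopen(fd, "wb") as out, urllib.request.urlopen(url) as resp:
            for chunk in iter(lambda: resp.read(65536), b""):
                digest.update(chunk)
                out.write(chunk)
        if digest.hexdigest() != expected_sha256.lower():
            raise DigestMismatch(f"{url}: got {digest.hexdigest()}")
        os.chmod(tmp, mode)
        os.replace(tmp, dest)  # atomic rename within the same directory
    finally:
        if os.path.exists(tmp):
            os.unlink(tmp)
    return dest


def demo():
    """Constructed run: a local file:// URL stands in for the real download."""
    with tempfile.TemporaryDirectory() as d:
        src, res = Path(d, "appimagetool.upstream"), Path(d, "resources")
        src.write_bytes(b"constructed stand-in for the released binary\n")
        pin = hashlib.sha256(src.read_bytes()).hexdigest()
        ok = fetch_pinned(src.as_uri(), pin, res / "appimagetool", 0o755).exists()
        src.write_bytes(b"tampered upstream content\n")  # upstream changed after pinning
        try:
            fetch_pinned(src.as_uri(), pin, res / "libunionpreload.so")
            rejected = False
        except DigestMismatch:
            rejected = True
        return ok, rejected, sorted(os.listdir(res))


if __name__ == "__main__":
    print(demo())
```

With the digests kept in the repository beside the URLs, a reviewer can compare them against the upstream release, and a changed upstream file fails the build instead of being packaged.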