Open gamer191 opened 2 weeks ago
Things and enviroment can vary, each .ipa even built off the same commit probably has a different hash...
I’m talking about the input IPA that the user puts into the GitHub action
I’m talking about the input IPA that the user puts into the GitHub action
Well those would certainly have different hashes, different dumping programs dump differently, plus each ios + phone combination have slightly different .ipa's even if you were to strip the app thinning, it would basically impossible to get the same decrypted .ipa file twice, even in the same environment, same tools.
Have you read the FAQ?
Is there an existing issue/question for this?
Do you think this is a bug?
❌ No, I don't think this is a bug. I will explain below
My question
There is no suggestion template, so I figured question was better than issue. Anyway, I was wondering whether you’d be able to publish a list of SHA256 hashes of the YouTube ipa, and have the GitHub action automatically validate it (by default).
Disclaimer: I would assume publishing hashes would be fine, since lots of existing legitimate projects (such as redump) publish hashes of copyrighted content. However, IANAL
Additional context
No response