search

qnblackcat / uYouPlus

uYou+ is a modified version of uYou (made by @MiRO92) with additional features and mainly made for non jailbroken users!
6.95k stars 6.7k forks source link

[Suggestion] Publish list of YouTube SHA256 hashes and make the action automatically validate the YouTube IPA #1501

Open gamer191 opened 2 weeks ago

gamer191 commented 2 weeks ago

Have you read the FAQ?

Is there an existing issue/question for this?

Do you think this is a bug?

❌ No, I don't think this is a bug. I will explain below

My question

There is no suggestion template, so I figured question was better than issue. Anyway, I was wondering whether you’d be able to publish a list of SHA256 hashes of the YouTube ipa, and have the GitHub action automatically validate it (by default).

Disclaimer: I would assume publishing hashes would be fine, since lots of existing legitimate projects (such as redump) publish hashes of copyrighted content. However, IANAL

Additional context

No response

yodaluca23 commented 2 weeks ago

Things and enviroment can vary, each .ipa even built off the same commit probably has a different hash...

gamer191 commented 2 weeks ago

I’m talking about the input IPA that the user puts into the GitHub action

yodaluca23 commented 2 weeks ago

I’m talking about the input IPA that the user puts into the GitHub action

Well those would certainly have different hashes, different dumping programs dump differently, plus each ios + phone combination have slightly different .ipa's even if you were to strip the app thinning, it would basically impossible to get the same decrypted .ipa file twice, even in the same environment, same tools.