-
Notifications
You must be signed in to change notification settings - Fork 55
Display warning when installing .hiveapp not from repo #55
Comments
By "not from repo" you mean actually any app that you install by opening a .hiveapp, or that we should specifically check if the app comes from one of our repos or not? (I'm not sure how we could do the latter...) |
No, meaning you're just installing a file on your computer manually (opening a .hiveapp by double-clicking or whatever) |
But can Hive actually guarantee the safety of the applications from their (upcoming?) store ? I see this taking a lot of time and resources not available in a process that doesn't involve money from the developer submitting his apps. I think it should just be a general warning instead. |
According to #56 there would be a repository controlled by Hive (or others, should they wish to). Of course to your point that doesn't mean that every line of code is reviewed. How should the general warning read, in your opinion? |
That's a good point, even once we have the store, there's no way we can give the user any guarantees about what the app does, especially since you can just redirect to an external site at any point, or download a JS file from an external location that you can silently change later. The apps in the repo won't be any more secure than apps installed from the filesystem. That said, we could just change the copy in that popup which appears when you try to install the app ("Would you like to install "..." application?") to include a warning there. |
"This Hive app did not come from our store, and we cannot guarantee its safety. Please proceed with extreme caution."
[ ] I know what I'm doing, don't bug me again.
The text was updated successfully, but these errors were encountered: