Skip to content

Latest commit

 

History

History
155 lines (149 loc) · 16.9 KB

INFO.md

File metadata and controls

155 lines (149 loc) · 16.9 KB


Statically Compiled Binaries

raison d'être Inspiration Image Inspiration Image

Contents


🧰 Architecture 🧰 📦 Total Binaries 📦 🇨🇭 WorkFlows 🇨🇭 🧾Logs
Android arm64-v8a PLACEHOLDER_arm64_v8a_Android 🛍️ Build 📦 (toolpack_arm64_v8a_Android) Binaries 📦🗄️ BUILD.log
Linux aarch64 // arm64 PLACEHOLDER_aarch64_arm64_Linux 🛍️ Build 📦 (toolpack_aarch64_Linux) Binaries 📦🗄️ BUILD.log
Linux amd // x86_64 PLACEHOLDER_x86_64_Linux 🛍️ Build 📦 (toolpack_x86_64_Linux) Binaries 📦🗄️ BUILD.log
Windows x64 // AMD64 PLACEHOLDER_x64_Windows 🛍️ Build 📦 (toolpack_x64_Windows) Binaries 📦🗄️ BUILD.log

🔽 Download 🔽

  • Package Managers RECOMMENDED
bash <(curl -qfsSL "https://raw.githubusercontent.com/pkgforge/soar/refs/heads/main/install.sh")
wget -qO- "https://raw.githubusercontent.com/xplshn/dbin/master/stubdl" | sh -s -- --install "${HOME}/.local/bin/dbin"

  • CLI
  • It's also possible to use "$(uname -m)"

SEE: https://github.com/Azathothas/Toolpacks/blob/main/Docs/METADATA.md#url-redirects

!# curl needs the `-L, --location` flag to Follow redirects
!# wget works without any flags

!# Example
curl -qfsSLO "https://bin.pkgforge.dev/$(uname -m)/$BIN_OR_PATH_TO_BIN"

  • GUI NOT RECOMMENDED

Note: If you notice slow loading, it is because it is not a real website.
It is a r2 bucket, and loads all objects upon each request. bin bin x86_64_Linux


  • 🚧 Security ⚙️

It is NEVER a good idea to install random binaries from random sources.

  • Check these HackerNews Discussions

The amount of work and the near impossibility to ensure that every source used, provide reproducibility, is infeasibly impractical. Even if it were practical, not every pkg/tool provides source code, so this is impractical.

  • Reasons to Trust this Repo
  • All the Build Scripts & workflows are completely open-source. You are free to audit & scrutinize everything.
# Everything is automated via Github Actions & Build Scripts
WorkFlows --> https://github.com/Azathothas/Toolpacks/tree/main/.github/workflows
Build Scripts --> https://github.com/Azathothas/Toolpacks/tree/main/.github/scripts

# Build LOGS (BUILD.log] are generated at Build Time & Pushed both to Github & R2
  • Reasons NOT to trust this Repo
  • Repos that already publish pre-compiled static binaries, nothing is changed (Other than stripping Debug Symbols & Comments). You can compare checksums.
  • However, for repos that don't publish releases or at least not statically linked binaries, there is no way for you to end up with the same binary even when you use the same build scripts. In this case, checksums are meaningless as each build will produce different checksums. Your only option is to trust me bro or:
  • The process involves fetching the code and following standard build procedures which are well documented and the scripts available to audit.
  • In the case of binaries, whose upstream developers do not provide source code (ngrok, Twingate, etc.) OR themselves provide a pre-compiled static binary (Github Releases), the binary is simply fetched AS-IS (Other than stripping Debug Symbols).
  • It cannot be guaranteed that the upstream source is entirely safe or legitimate. It's upto you to exercise basic common sense and vigilance when using these binaries.