Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Is it possible to validate what I am running in browser is an unaltered version of what is there in Github?

Otherwise, I will have to trust the package author to not be malicious.

Another option might be to personally package and sideload the extension which I don't know how.



Yes, that's what I meant! It's very easy to sideload.

https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/Web....


Tridactyl exists in the Arch community repos [1] if you would rather use that; you're effectively shifting your trust to an Arch trusted user away from some random person (me) and Mozilla.

[1]: https://www.archlinux.org/packages/community/any/firefox-tri...




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: