trustyhash_ynh/README.md

<!--
N.B.: This README was automatically generated by https://github.com/YunoHost/apps/tree/master/tools/README-generator
It shall NOT be edited by hand.
-->

# TrustyHash for YunoHost

[![Integration level](https://dash.yunohost.org/integration/TrustyHash.svg)](https://dash.yunohost.org/appci/app/TrustyHash) ![](https://ci-apps.yunohost.org/ci/badges/TrustyHash.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/TrustyHash.maintain.svg)  
[![Install TrustyHash with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=TrustyHash)

*[Lire ce readme en français.](./README_fr.md)*

> *This package allows you to install TrustyHash quickly and simply on a YunoHost server.
If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/install) to learn how to install it.*

## Overview

# TrustyHash - A Trustable Hash Calculator

TrustyHash is a small [client-side](https://unhosted.org/) web application that
computes SHA-256 hash values on both local files and on remote URLs, with a
strong emphasis on a process that will allow you to trust the results. Works
offline!

TrustyHash homepage: https://github.com/sprin/TrustyHash

[Use it here](https://sprin.github.io/TrustyHash/)

## How is this useful?

Integrity: "We have in hand the same set of sequences of bits that came into
existence when the object was created" - [Lynch](http://www.clir.org/pubs/reports/pub92/lynch.html)

"Friends don't let friends use unverified downloads."

This fills a need for a verifiable, web-based hash calculator written in free
JavaScript. If you already use the command-line hash utilities on your
system, you should continue to use those. This is targeted towards users who do
not have or are unable to use the hash utilities on their local systems. While
universal command-line-literacy is a good goal, the concepts of file integrity and
authenticity and the ability to use tools for verification are perhaps more
fundamental.

Integrity is the first link in secure systems, and key to determining
authenticity. If we trust the association between an author and the hash value
of a file they created, perhaps because we trust them and they gave us the
hash in person, we can authenticate whether a file we believe to be the same
really did come from them. We can achieve the same result if the author had
used a signing key, and signed and distributed a hash value along with the
file, and we could trust the association between a particular key and the
author - albeit with somewhat more complexity and caveats (eg, has the signing
key been kept private?).

In a few words, this tool aims to enable verification of integrity and
authenticity claims in an accessible way that depends only on a trusted hash
value and the correctness and integrity of the TrustyHash app and the browser
it executes in. See the section "Trust" below for recommendations on
how to verify integrity of this application.

## Usage

Local files can be opened from a file select dialog, or dragged into the "drop
area". Remote URLs can be entered, and if the remote server allows cross-origin
GET requests via
[CORS](https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS),
the file will be downloaded to the browser, with the option of saving locally.

It's recommended to save the application, verify the integrity, and use the
saved copy from then on. To save from the browser, use "Save Page" > "Web Page,
HTML Only", and use a filename of `TrustyHash.html`. To verify, read the
section on "Trust" below.


**Shipped version:** 1.0~ynh1

**Demo:** https://sprin.github.io/TrustyHash/

## Screenshots

![](./doc/screenshots/example.jpg)

## Disclaimers / important information

* Any known limitations, constrains or stuff not working, such as (but not limited to):
    * requiring a full dedicated domain ?
    * architectures not supported ?
    * not-working single-sign on or LDAP integration ?
    * the app requires an important amount of RAM / disk / .. to install or to work properly
    * etc...

* Other infos that people should be aware of, such as:
    * any specific step to perform after installing (such as manually finishing the install, specific admin credentials, ...)
    * how to configure / administrate the application if it ain't obvious
    * upgrade process / specificities / things to be aware of ?
    * security considerations ?

## Documentation and resources

* Official app website: https://github.com/sprin/TrustyHash
* Official user documentation: https://github.com/sprin/TrustyHash
* Upstream app code repository: https://github.com/sprin/TrustyHash
* YunoHost documentation for this app: https://yunohost.org/app_TrustyHash
* Report a bug: https://github.com/YunoHost-Apps/TrustyHash_ynh/issues

## Developer info

Please send your pull request to the [testing branch](https://github.com/YunoHost-Apps/TrustyHash_ynh/tree/testing).

To try the testing branch, please proceed like that.
```
sudo yunohost app install https://github.com/YunoHost-Apps/TrustyHash_ynh/tree/testing --debug
or
sudo yunohost app upgrade TrustyHash -u https://github.com/YunoHost-Apps/TrustyHash_ynh/tree/testing --debug
```

**More info regarding app packaging:** https://yunohost.org/packaging_apps
Initial commit 2022-05-05 17:51:33 +02:00			`<!--`
			`N.B.: This README was automatically generated by https://github.com/YunoHost/apps/tree/master/tools/README-generator`
			`It shall NOT be edited by hand.`
			`-->`

Auto-update README 2022-05-05 17:58:09 +02:00			`# TrustyHash for YunoHost`
Initial commit 2022-05-05 17:51:33 +02:00
Auto-update README 2022-05-05 17:58:09 +02:00			`[![Integration level](https://dash.yunohost.org/integration/TrustyHash.svg)](https://dash.yunohost.org/appci/app/TrustyHash) ![](https://ci-apps.yunohost.org/ci/badges/TrustyHash.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/TrustyHash.maintain.svg)`
			`[![Install TrustyHash with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=TrustyHash)`
Initial commit 2022-05-05 17:51:33 +02:00
			`[Lire ce readme en français.](./README_fr.md)`

Auto-update README 2022-05-05 17:58:09 +02:00			`> *This package allows you to install TrustyHash quickly and simply on a YunoHost server.`
Initial commit 2022-05-05 17:51:33 +02:00			`If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/install) to learn how to install it.*`

			`## Overview`

Auto-update README 2022-05-05 18:26:54 +02:00			`# TrustyHash - A Trustable Hash Calculator`

			`TrustyHash is a small [client-side](https://unhosted.org/) web application that`
			`computes SHA-256 hash values on both local files and on remote URLs, with a`
			`strong emphasis on a process that will allow you to trust the results. Works`
			`offline!`

			`TrustyHash homepage: https://github.com/sprin/TrustyHash`

			`[Use it here](https://sprin.github.io/TrustyHash/)`

			`## How is this useful?`

			`Integrity: "We have in hand the same set of sequences of bits that came into`
			`existence when the object was created" - [Lynch](http://www.clir.org/pubs/reports/pub92/lynch.html)`

			`"Friends don't let friends use unverified downloads."`

			`This fills a need for a verifiable, web-based hash calculator written in free`
			`JavaScript. If you already use the command-line hash utilities on your`
			`system, you should continue to use those. This is targeted towards users who do`
			`not have or are unable to use the hash utilities on their local systems. While`
			`universal command-line-literacy is a good goal, the concepts of file integrity and`
			`authenticity and the ability to use tools for verification are perhaps more`
			`fundamental.`

			`Integrity is the first link in secure systems, and key to determining`
			`authenticity. If we trust the association between an author and the hash value`
			`of a file they created, perhaps because we trust them and they gave us the`
			`hash in person, we can authenticate whether a file we believe to be the same`
			`really did come from them. We can achieve the same result if the author had`
			`used a signing key, and signed and distributed a hash value along with the`
			`file, and we could trust the association between a particular key and the`
			`author - albeit with somewhat more complexity and caveats (eg, has the signing`
			`key been kept private?).`

			`In a few words, this tool aims to enable verification of integrity and`
			`authenticity claims in an accessible way that depends only on a trusted hash`
			`value and the correctness and integrity of the TrustyHash app and the browser`
			`it executes in. See the section "Trust" below for recommendations on`
			`how to verify integrity of this application.`

			`## Usage`

			`Local files can be opened from a file select dialog, or dragged into the "drop`
			`area". Remote URLs can be entered, and if the remote server allows cross-origin`
			`GET requests via`
			`[CORS](https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS),`
			`the file will be downloaded to the browser, with the option of saving locally.`

			`It's recommended to save the application, verify the integrity, and use the`
			`saved copy from then on. To save from the browser, use "Save Page" > "Web Page,`
			HTML Only", and use a filename of `TrustyHash.html`. To verify, read the
			`section on "Trust" below.`
Initial commit 2022-05-05 17:51:33 +02:00

Auto-update README 2022-05-05 17:51:35 +02:00			`Shipped version: 1.0~ynh1`
Initial commit 2022-05-05 17:51:33 +02:00
Auto-update README 2022-05-05 17:58:09 +02:00			`Demo: https://sprin.github.io/TrustyHash/`
Initial commit 2022-05-05 17:51:33 +02:00
Auto-update README 2022-05-05 17:51:35 +02:00			`## Screenshots`
Initial commit 2022-05-05 17:51:33 +02:00
Auto-update README 2022-05-05 17:51:35 +02:00			`![](./doc/screenshots/example.jpg)`
Initial commit 2022-05-05 17:51:33 +02:00
			`## Disclaimers / important information`

			`* Any known limitations, constrains or stuff not working, such as (but not limited to):`
			`* requiring a full dedicated domain ?`
			`* architectures not supported ?`
			`* not-working single-sign on or LDAP integration ?`
			`* the app requires an important amount of RAM / disk / .. to install or to work properly`
			`* etc...`

			`* Other infos that people should be aware of, such as:`
			`* any specific step to perform after installing (such as manually finishing the install, specific admin credentials, ...)`
			`* how to configure / administrate the application if it ain't obvious`
			`* upgrade process / specificities / things to be aware of ?`
			`* security considerations ?`

			`## Documentation and resources`

Auto-update README 2022-05-05 17:58:09 +02:00			`* Official app website: https://github.com/sprin/TrustyHash`
			`* Official user documentation: https://github.com/sprin/TrustyHash`
			`* Upstream app code repository: https://github.com/sprin/TrustyHash`
			`* YunoHost documentation for this app: https://yunohost.org/app_TrustyHash`
			`* Report a bug: https://github.com/YunoHost-Apps/TrustyHash_ynh/issues`
Initial commit 2022-05-05 17:51:33 +02:00
			`## Developer info`

Auto-update README 2022-05-05 17:58:09 +02:00			`Please send your pull request to the [testing branch](https://github.com/YunoHost-Apps/TrustyHash_ynh/tree/testing).`
Initial commit 2022-05-05 17:51:33 +02:00
			`To try the testing branch, please proceed like that.`
			```
Auto-update README 2022-05-05 17:58:09 +02:00			`sudo yunohost app install https://github.com/YunoHost-Apps/TrustyHash_ynh/tree/testing --debug`
Initial commit 2022-05-05 17:51:33 +02:00			`or`
Auto-update README 2022-05-05 17:58:09 +02:00			`sudo yunohost app upgrade TrustyHash -u https://github.com/YunoHost-Apps/TrustyHash_ynh/tree/testing --debug`
Initial commit 2022-05-05 17:51:33 +02:00			```

Auto-update README 2022-05-05 17:51:35 +02:00			`More info regarding app packaging: https://yunohost.org/packaging_apps`