From 67865ad9bd6427db6040368aa74b8f319c852fd4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C3=89ric=20Gaspar?=
 <46165813+ericgaspar@users.noreply.github.com>
Date: Wed, 11 Jan 2023 15:55:23 +0100
Subject: [PATCH 1/5] Cleaning

---
 conf/nginx.conf    |   3 +-
 doc/DESCRIPTION.md |  50 -------
 manifest.json      |   8 +-
 scripts/_common.sh |   2 +-
 scripts/backup     |  46 -------
 scripts/change_url |  39 +-----
 scripts/install    | 333 ++-------------------------------------------
 scripts/remove     | 112 ++-------------
 scripts/restore    |  94 -------------
 scripts/upgrade    | 155 ++-------------------
 10 files changed, 41 insertions(+), 801 deletions(-)

diff --git a/conf/nginx.conf b/conf/nginx.conf
index fe428f7..864573c 100644
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@@ -2,9 +2,8 @@
 location __PATH__/ {
 
   # Path to source
-  alias __FINALPATH__/ ;
+  alias __FINALPATH__/;
 
-### Example PHP configuration (remove it if not used)
   index index.html;
 
   # Include SSOWAT user panel.
diff --git a/doc/DESCRIPTION.md b/doc/DESCRIPTION.md
index 00092c0..1ee3e2f 100644
--- a/doc/DESCRIPTION.md
+++ b/doc/DESCRIPTION.md
@@ -1,54 +1,4 @@
-# TrustyHash - A Trustable Hash Calculator
-
 TrustyHash is a small [client-side](https://unhosted.org/) web application that
 computes SHA-256 hash values on both local files and on remote URLs, with a
 strong emphasis on a process that will allow you to trust the results. Works
 offline!
-
-TrustyHash homepage: https://github.com/sprin/TrustyHash
-
-[Use it here](https://sprin.github.io/TrustyHash/)
-
-## How is this useful?
-
-Integrity: "We have in hand the same set of sequences of bits that came into
-existence when the object was created" - [Lynch](http://www.clir.org/pubs/reports/pub92/lynch.html)
-
-"Friends don't let friends use unverified downloads."
-
-This fills a need for a verifiable, web-based hash calculator written in free
-JavaScript. If you already use the command-line hash utilities on your
-system, you should continue to use those. This is targeted towards users who do
-not have or are unable to use the hash utilities on their local systems. While
-universal command-line-literacy is a good goal, the concepts of file integrity and
-authenticity and the ability to use tools for verification are perhaps more
-fundamental.
-
-Integrity is the first link in secure systems, and key to determining
-authenticity. If we trust the association between an author and the hash value
-of a file they created, perhaps because we trust them and they gave us the
-hash in person, we can authenticate whether a file we believe to be the same
-really did come from them. We can achieve the same result if the author had
-used a signing key, and signed and distributed a hash value along with the
-file, and we could trust the association between a particular key and the
-author - albeit with somewhat more complexity and caveats (eg, has the signing
-key been kept private?).
-
-In a few words, this tool aims to enable verification of integrity and
-authenticity claims in an accessible way that depends only on a trusted hash
-value and the correctness and integrity of the TrustyHash app and the browser
-it executes in. See the section "Trust" below for recommendations on
-how to verify integrity of this application.
-
-## Usage
-
-Local files can be opened from a file select dialog, or dragged into the "drop
-area". Remote URLs can be entered, and if the remote server allows cross-origin
-GET requests via
-[CORS](https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS),
-the file will be downloaded to the browser, with the option of saving locally.
-
-It's recommended to save the application, verify the integrity, and use the
-saved copy from then on. To save from the browser, use "Save Page" > "Web Page,
-HTML Only", and use a filename of `TrustyHash.html`. To verify, read the
-section on "Trust" below.
diff --git a/manifest.json b/manifest.json
index 3821bdc..973062c 100644
--- a/manifest.json
+++ b/manifest.json
@@ -3,8 +3,8 @@
     "id": "trustyhash",
     "packaging_format": 1,
     "description": {
-        "en": "a small client-side web application that computes SHA-256 hash values on both local files and on remote URLs. Works offline!",
-        "fr": "une petite application Web côté client qui calcule les valeurs de hachage SHA-256 sur les fichiers locaux et sur les URL distantes. Fonctionne hors ligne !"
+        "en": "SHA-256 Hash Calculator",
+        "fr": "Calculateur de hachage SHA-256"
     },
     "version": "1.0~ynh1",
     "url": "https://github.com/sprin/TrustyHash",
@@ -21,12 +21,12 @@
         "email": ""
     },
     "requirements": {
-        "yunohost": ">= 4.3.0"
+        "yunohost": ">= 11.0.9"
     },
     "multi_instance": true,
     "services": [
         "nginx",
-        "php7.3-fpm"
+        "php7.4-fpm"
     ],
     "arguments": {
         "install" : [
diff --git a/scripts/_common.sh b/scripts/_common.sh
index 4468f0b..408ed02 100644
--- a/scripts/_common.sh
+++ b/scripts/_common.sh
@@ -5,7 +5,7 @@
 #=================================================
 
 # dependencies used by the app
-YNH_PHP_VERSION="7.3"
+YNH_PHP_VERSION="7.4"
 
 #=================================================
 # PERSONAL HELPERS
diff --git a/scripts/backup b/scripts/backup
index d0b7cd8..3001fff 100755
--- a/scripts/backup
+++ b/scripts/backup
@@ -30,20 +30,13 @@ app=$YNH_APP_INSTANCE_NAME
 
 final_path=$(ynh_app_setting_get --app=$app --key=final_path)
 domain=$(ynh_app_setting_get --app=$app --key=domain)
-# db_name=$(ynh_app_setting_get --app=$app --key=db_name)
 phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
-# datadir=$(ynh_app_setting_get --app=$app --key=datadir)
 
 #=================================================
 # DECLARE DATA AND CONF FILES TO BACKUP
 #=================================================
 ynh_print_info --message="Declaring files to be backed up..."
 
-### N.B. : the following 'ynh_backup' calls are only a *declaration* of what needs
-### to be backuped and not an actual copy of any file. The actual backup that
-### creates and fill the archive with the files happens in the core after this
-### script is called. Hence ynh_backups calls takes basically 0 seconds to run.
-
 #=================================================
 # BACKUP THE APP MAIN DIR
 #=================================================
@@ -68,45 +61,6 @@ ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
 
 ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf"
 
-#=================================================
-# BACKUP FAIL2BAN CONFIGURATION
-#=================================================
-
-# ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf"
-# ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf"
-
-#=================================================
-# SPECIFIC BACKUP
-#=================================================
-# BACKUP LOGROTATE
-#=================================================
-
-# ynh_backup --src_path="/etc/logrotate.d/$app"
-
-#=================================================
-# BACKUP SYSTEMD
-#=================================================
-
-# ynh_backup --src_path="/etc/systemd/system/$app.service"
-
-#=================================================
-# BACKUP VARIOUS FILES
-#=================================================
-
-# ynh_backup --src_path="/etc/cron.d/$app"
-
-# ynh_backup --src_path="/etc/$app/"
-
-#=================================================
-# BACKUP THE MYSQL DATABASE
-#=================================================
-# ynh_print_info --message="Backing up the MySQL database..."
-
-### (However, things like MySQL dumps *do* take some time to run, though the
-### copy of the generated dump to the archive still happens later)
-
-# ynh_mysql_dump_db --database="$db_name" > db.sql
-
 #=================================================
 # END OF SCRIPT
 #=================================================
diff --git a/scripts/change_url b/scripts/change_url
index d0e5ff8..ff06606 100644
--- a/scripts/change_url
+++ b/scripts/change_url
@@ -24,20 +24,15 @@ app=$YNH_APP_INSTANCE_NAME
 #=================================================
 # LOAD SETTINGS
 #=================================================
-ynh_script_progression --message="Loading installation settings..."  --weight=1
+ynh_script_progression --message="Loading installation settings..." --weight=1
 
 # Needed for helper "ynh_add_nginx_config"
 final_path=$(ynh_app_setting_get --app=$app --key=final_path)
 
-# Add settings here as needed by your application
-#db_name=$(ynh_app_setting_get --app=$app --key=db_name)
-#db_user=$db_name
-#db_pwd=$(ynh_app_setting_get --app=$app --key=db_pwd)
-
 #=================================================
 # BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP
 #=================================================
-ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..."  --weight=1
+ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --weight=1
 
 # Backup the current version of the app
 ynh_backup_before_upgrade
@@ -67,19 +62,10 @@ then
 	change_path=1
 fi
 
-#=================================================
-# STANDARD MODIFICATIONS
-#=================================================
-# STOP SYSTEMD SERVICE
-#=================================================
-ynh_script_progression --message="Stopping a systemd service..."  --weight=1
-
-ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log"
-
 #=================================================
 # MODIFY URL IN NGINX CONF
 #=================================================
-ynh_script_progression --message="Updating NGINX web server configuration..."  --weight=1
+ynh_script_progression --message="Updating NGINX web server configuration..." --weight=1
 
 nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
 
@@ -105,25 +91,10 @@ then
 	ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
 fi
 
-#=================================================
-# SPECIFIC MODIFICATIONS
-#=================================================
-# ...
-#=================================================
-
-#=================================================
-# GENERIC FINALISATION
-#=================================================
-# START SYSTEMD SERVICE
-#=================================================
-# ynh_script_progression --message="Starting a systemd service..."  --weight=1
-
-# ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"
-
 #=================================================
 # RELOAD NGINX
 #=================================================
-ynh_script_progression --message="Reloading NGINX web server..."  --weight=1
+ynh_script_progression --message="Reloading NGINX web server..." --weight=1
 
 ynh_systemd_action --service_name=nginx --action=reload
 
@@ -131,4 +102,4 @@ ynh_systemd_action --service_name=nginx --action=reload
 # END OF SCRIPT
 #=================================================
 
-ynh_script_progression --message="Change of URL completed for $app"  --last
+ynh_script_progression --message="Change of URL completed for $app" --last
diff --git a/scripts/install b/scripts/install
index e0d882a..4eb8d1f 100755
--- a/scripts/install
+++ b/scripts/install
@@ -28,38 +28,13 @@ domain=$YNH_APP_ARG_DOMAIN
 path_url=$YNH_APP_ARG_PATH
 phpversion=$YNH_PHP_VERSION
 
-# is_public=$YNH_APP_ARG_IS_PUBLIC
-# language=$YNH_APP_ARG_LANGUAGE
-# admin=$YNH_APP_ARG_ADMIN
-# password=$YNH_APP_ARG_PASSWORD
-
-### If it's a multi-instance app, meaning it can be installed several times independently
-### The id of the app as stated in the manifest is available as $YNH_APP_ID
-### The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2"...)
-### The app instance name is available as $YNH_APP_INSTANCE_NAME
-###    - the first time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample
-###    - the second time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample__2
-###    - ynhexample__{N} for the subsequent installations, with N=3,4...
-### The app instance name is probably what interests you most, since this is
-### guaranteed to be unique. This is a good unique identifier to define installation path,
-### db names...
 app=$YNH_APP_INSTANCE_NAME
 
 #=================================================
 # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
 #=================================================
-### About --weight and 
-### ynh_script_progression will show to your final users the progression of each scripts.
-### In order to do that, --weight will represent the relative time of execution compared to the other steps in the script.
-###  is a packager option, it will show you the execution time since the previous call.
-### This option should be removed before releasing your app.
-### Use the execution time, given by , to estimate the weight of a step.
-### A common way to do it is to set a weight equal to the execution time in second +1.
-### The execution time is given for the duration since the previous call. So the weight should be applied to this previous call.
-ynh_script_progression --message="Validating installation parameters..."  --weight=1
+ynh_script_progression --message="Validating installation parameters..." --weight=1
 
-### If the app uses NGINX as web server (written in HTML/PHP in most cases), the final path should be "/var/www/$app".
-### If the app provides an internal web server (or uses another application server such as uWSGI), the final path should be "/opt/yunohost/$app"
 final_path=/var/www/$app
 test ! -e "$final_path" || ynh_die --message="This path already contains a folder"
 
@@ -69,342 +44,54 @@ ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url
 #=================================================
 # STORE SETTINGS FROM MANIFEST
 #=================================================
-ynh_script_progression --message="Storing installation settings..."  --weight=1
+ynh_script_progression --message="Storing installation settings..." --weight=1
 
 ynh_app_setting_set --app=$app --key=domain --value=$domain
 ynh_app_setting_set --app=$app --key=path --value=$path_url
 ynh_app_setting_set --app=$app --key=phpversion --value=$phpversion
 ynh_app_setting_set --app=$app --key=final_path --value=$final_path
 
-# ynh_app_setting_set --app=$app --key=language --value=$language
-# ynh_app_setting_set --app=$app --key=admin --value=$admin
-
-#=================================================
-# STANDARD MODIFICATIONS
-#=================================================
-# FIND AND OPEN A PORT
-#=================================================
-# ynh_script_progression --message="Finding an available port..."  --weight=1
-
-### Use these lines if you have to open a port for the application
-### `ynh_find_port` will find the first available port starting from the given port.
-### If you're not using these lines:
-###		- Remove the section "CLOSE A PORT" in the remove script
-
-# Find an available port
-# port=$(ynh_find_port --port=8095)
-# ynh_app_setting_set --app=$app --key=port --value=$port
-
-# Optional: Expose this port publicly
-# (N.B.: you only need to do this if the app actually needs to expose the port publicly.
-# If you do this and the app doesn't actually need you are CREATING SECURITY HOLES IN THE SERVER !)
-
-# Open the port
-# ynh_script_progression --message="Configuring firewall..."  --weight=1
-# ynh_exec_warn_less yunohost firewall allow --no-upnp TCP $port
-
-#=================================================
-# INSTALL DEPENDENCIES
-#=================================================
-# ynh_script_progression --message="Installing dependencies..."  --weight=1
-
-### `ynh_install_app_dependencies` allows you to add any "apt" dependencies to the package.
-### Those deb packages will be installed as dependencies of this package.
-### If you're not using this helper:
-###		- Remove the section "REMOVE DEPENDENCIES" in the remove script
-###		- Remove the variable "pkg_dependencies" in _common.sh
-###		- As well as the section "REINSTALL DEPENDENCIES" in the restore script
-###		- And the section "UPGRADE DEPENDENCIES" in the upgrade script
-
-# ynh_install_app_dependencies $pkg_dependencies
-
 #=================================================
 # CREATE DEDICATED USER
 #=================================================
-ynh_script_progression --message="Configuring system user..."  --weight=1
+ynh_script_progression --message="Configuring system user..." --weight=1
 
 # Create a system user
 ynh_system_user_create --username=$app --home_dir="$final_path"
 
-#=================================================
-# CREATE A MYSQL DATABASE
-#=================================================
-# ynh_script_progression --message="Creating a MySQL database..."  --weight=1
-
-### Use these lines if you need a database for the application.
-### `ynh_mysql_setup_db` will create a database, an associated user and a ramdom password.
-### The password will be stored as 'mysqlpwd' into the app settings,
-### and will be available as $db_pwd
-### If you're not using these lines:
-###		- Remove the section "BACKUP THE MYSQL DATABASE" in the backup script
-###		- Remove also the section "REMOVE THE MYSQL DATABASE" in the remove script
-###		- As well as the section "RESTORE THE MYSQL DATABASE" in the restore script
-
-# db_name=$(ynh_sanitize_dbid --db_name=$app)
-# db_user=$db_name
-# ynh_app_setting_set --app=$app --key=db_name --value=$db_name
-# ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name
-
 #=================================================
 # DOWNLOAD, CHECK AND UNPACK SOURCE
 #=================================================
-ynh_script_progression --message="Setting up source files..."  --weight=1
-
-### `ynh_setup_source` is used to install an app from a zip or tar.gz file,
-### downloaded from an upstream source, like a git repository.
-### `ynh_setup_source` use the file conf/app.src
+ynh_script_progression --message="Setting up source files..." --weight=1
 
 ynh_app_setting_set --app=$app --key=final_path --value=$final_path
 # Download, check integrity, uncompress and patch the source from app.src
 ynh_setup_source --dest_dir="$final_path"
 
-# FIXME: this should be managed by the core in the future
-# Here, as a packager, you may have to tweak the ownerhsip/permissions
-# such that the appropriate users (e.g. maybe www-data) can access
-# files in some cases.
-# But FOR THE LOVE OF GOD, do not allow r/x for "others" on the entire folder -
-# this will be treated as a security issue.
 chmod 750 "$final_path"
 chmod -R o-rwx "$final_path"
 chown -R $app:www-data "$final_path"
 
-#=================================================
-# NGINX CONFIGURATION
-#=================================================
-ynh_script_progression --message="Configuring NGINX web server..."  --weight=1
-
-### `ynh_add_nginx_config` will use the file conf/nginx.conf
-
-# Create a dedicated NGINX config
-ynh_add_nginx_config
-
 #=================================================
 # PHP-FPM CONFIGURATION
 #=================================================
-ynh_script_progression --message="Configuring PHP-FPM..."  --weight=1
-
-### `ynh_add_fpm_config` is used to set up a PHP config.
-### You can remove it if your app doesn't use PHP.
-### `ynh_add_fpm_config` will use the files conf/php-fpm.conf
-### If you're not using these lines:
-###		- You can remove these files in conf/.
-###		- Remove the section "BACKUP THE PHP-FPM CONFIGURATION" in the backup script
-###		- Remove also the section "REMOVE PHP-FPM CONFIGURATION" in the remove script
-###		- As well as the section "RESTORE THE PHP-FPM CONFIGURATION" in the restore script
-###		  with the reload at the end of the script.
-###		- And the section "PHP-FPM CONFIGURATION" in the upgrade script
+ynh_script_progression --message="Configuring PHP-FPM..." --weight=1
 
 # Create a dedicated PHP-FPM config
 ynh_add_fpm_config
 
 #=================================================
-# SPECIFIC SETUP
-#=================================================
-# ...
+# NGINX CONFIGURATION
 #=================================================
+ynh_script_progression --message="Configuring NGINX web server..." --weight=1
 
-#=================================================
-# CREATE DATA DIRECTORY
-#=================================================
-# ynh_script_progression --message="Creating a data directory..."  --weight=1
-
-### Use these lines if you need to create a directory to store "persistent files" for the application.
-### Usually this directory is used to store uploaded files or any file that won't be updated during 
-### an upgrade and that won't be deleted during app removal unless "--purge" option is used.
-### If you're not using these lines:
-###		- Remove the section "BACKUP THE DATA DIR" in the backup script
-###		- Remove the section "RESTORE THE DATA DIRECTORY" in the restore script
-###     - As well as the section "REMOVE DATA DIR" in the remove script
-
-# datadir=/home/yunohost.app/$app
-# ynh_app_setting_set --app=$app --key=datadir --value=$datadir
-
-# mkdir -p $datadir
-
-# FIXME: this should be managed by the core in the future
-# Here, as a packager, you may have to tweak the ownerhsip/permissions
-# such that the appropriate users (e.g. maybe www-data) can access
-# files in some cases.
-# But FOR THE LOVE OF GOD, do not allow r/x for "others" on the entire folder -
-# this will be treated as a security issue.
-# chmod 750 "$datadir"
-# chmod -R o-rwx "$datadir"
-# chown -R $app:www-data "$datadir"
-
-#=================================================
-# ADD A CONFIGURATION
-#=================================================
-# ynh_script_progression --message="Adding a configuration file..."  --weight=1
-
-### You can add specific configuration files.
-###
-### Typically, put your template conf file in ../conf/your_config_file
-### The template may contain strings such as __FOO__ or __FOO_BAR__,
-### which will automatically be replaced by the values of $foo and $foo_bar
-###
-### ynh_add_config will also keep track of the config file's checksum,
-### which later during upgrade may allow to automatically backup the config file
-### if it's found that the file was manually modified
-###
-### Check the documentation of `ynh_add_config` for more info.
-
-# ynh_add_config --template="some_config_file" --destination="$final_path/some_config_file"
-
-# FIXME: this should be handled by the core in the future
-# You may need to use chmod 600 instead of 400,
-# for example if the app is expected to be able to modify its own config
-# chmod 400 "$final_path/some_config_file"
-# chown $app:$app "$final_path/some_config_file"
-
-### For more complex cases where you want to replace stuff using regexes,
-### you shoud rely on ynh_replace_string (which is basically a wrapper for sed)
-### When doing so, you also need to manually call ynh_store_file_checksum
-###
-### ynh_replace_string --match_string="match_string" --replace_string="replace_string" --target_file="$final_path/some_config_file"
-### ynh_store_file_checksum --file="$final_path/some_config_file"
-
-#=================================================
-# SETUP SYSTEMD
-#=================================================
-# ynh_script_progression --message="Configuring a systemd service..."  --weight=1
-
-### `ynh_systemd_config` is used to configure a systemd script for an app.
-### It can be used for apps that use sysvinit (with adaptation) or systemd.
-### Have a look at the app to be sure this app needs a systemd script.
-### `ynh_systemd_config` will use the file conf/systemd.service
-### If you're not using these lines:
-###		- You can remove those files in conf/.
-###		- Remove the section "BACKUP SYSTEMD" in the backup script
-###		- Remove also the section "STOP AND REMOVE SERVICE" in the remove script
-###		- As well as the section "RESTORE SYSTEMD" in the restore script
-###		- And the section "SETUP SYSTEMD" in the upgrade script
-
-# Create a dedicated systemd config
-# ynh_add_systemd_config
-
-#=================================================
-# SETUP APPLICATION WITH CURL
-#=================================================
-
-### Use these lines only if the app installation needs to be finalized through
-### web forms. We generally don't want to ask the final user,
-### so we're going to use curl to automatically fill the fields and submit the
-### forms.
-
-# Set the app as temporarily public for curl call
-# ynh_script_progression --message="Configuring SSOwat..."  --weight=1
-# Making the app public for curl
-# ynh_permission_update --permission="main" --add="visitors"
-
-# Installation with curl
-# ynh_script_progression --message="Finalizing installation..."  --weight=1
-# ynh_local_curl "/INSTALL_PATH" "key1=value1" "key2=value2" "key3=value3"
-
-# Remove the public access
-# ynh_permission_update --permission="main" --remove="visitors"
-
-#=================================================
-# GENERIC FINALIZATION
-#=================================================
-# SETUP LOGROTATE
-#=================================================
-# ynh_script_progression --message="Configuring log rotation..."  --weight=1
-
-### `ynh_use_logrotate` is used to configure a logrotate configuration for the logs of this app.
-### Use this helper only if there is effectively a log file for this app.
-### If you're not using this helper:
-###		- Remove the section "BACKUP LOGROTATE" in the backup script
-###		- Remove also the section "REMOVE LOGROTATE CONFIGURATION" in the remove script
-###		- As well as the section "RESTORE THE LOGROTATE CONFIGURATION" in the restore script
-###		- And the section "SETUP LOGROTATE" in the upgrade script
-
-# Use logrotate to manage application logfile(s)
-# ynh_use_logrotate
-
-#=================================================
-# INTEGRATE SERVICE IN YUNOHOST
-#=================================================
-# ynh_script_progression --message="Integrating service in YunoHost..."  --weight=1
-
-### `yunohost service add` integrates a service in YunoHost. It then gets
-### displayed in the admin interface and through the others `yunohost service` commands.
-### (N.B.: this line only makes sense if the app adds a service to the system!)
-### If you're not using these lines:
-###		- You can remove these files in conf/.
-###		- Remove the section "REMOVE SERVICE INTEGRATION IN YUNOHOST" in the remove script
-###		- As well as the section "INTEGRATE SERVICE IN YUNOHOST" in the restore script
-###		- And the section "INTEGRATE SERVICE IN YUNOHOST" in the upgrade script
-
-# yunohost service add $app --description="A short description of the app" --log="/var/log/$app/$app.log"
-
-### Additional options starting with 3.8:
-###
-### --needs_exposed_ports "$port" a list of ports that needs to be publicly exposed
-###                               which will then be checked by YunoHost's diagnosis system
-###                               (N.B. DO NOT USE THIS is the port is only internal!!!)
-###
-### --test_status "some command"  a custom command to check the status of the service
-###                               (only relevant if 'systemctl status' doesn't do a good job)
-###
-### --test_conf "some command"    some command similar to "nginx -t" that validates the conf of the service
-###
-### Re-calling 'yunohost service add' during the upgrade script is the right way
-### to proceed if you later realize that you need to enable some flags that
-### weren't enabled on old installs (be careful it'll override the existing
-### service though so you should re-provide all relevant flags when doing so)
-
-#=================================================
-# START SYSTEMD SERVICE
-#=================================================
-# ynh_script_progression --message="Starting a systemd service..."  --weight=1
-
-### `ynh_systemd_action` is used to start a systemd service for an app.
-### Only needed if you have configure a systemd service
-### If you're not using these lines:
-###		- Remove the section "STOP SYSTEMD SERVICE" and "START SYSTEMD SERVICE" in the backup script
-###		- As well as the section "START SYSTEMD SERVICE" in the restore script
-###		- As well as the section"STOP SYSTEMD SERVICE" and "START SYSTEMD SERVICE" in the upgrade script
-###		- And the section "STOP SYSTEMD SERVICE" and "START SYSTEMD SERVICE" in the change_url script
-
-# Start a systemd service
-# ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"
-
-#=================================================
-# SETUP FAIL2BAN
-#=================================================
-# ynh_script_progression --message="Configuring Fail2Ban..."  --weight=1
-
-# Create a dedicated Fail2Ban config
-# ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login"
-
-#=================================================
-# SETUP SSOWAT
-#=================================================
-# ynh_script_progression --message="Configuring permissions..."  --weight=1
-
-# Make app public if necessary
-# if [ $is_public -eq 1 ]
-# then
-	# Everyone can access the app.
-	# The "main" permission is automatically created before the install script.
-#	ynh_permission_update --permission="main" --add="visitors"
-# fi
-
-### N.B. : the following extra permissions only make sense if your app
-### does have for example an admin interface or an API.
-
-# Only the admin can access the admin panel of the app (if the app has an admin panel)
-# ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin
-
-# Everyone can access the API part
-# We don't want to display the tile in the SSO so we put --show_tile="false"
-# And we don't want the YunoHost admin to be able to remove visitors group to this permission, so we put --protected="true"
-# ynh_permission_create --permission="api" --url="/api" --allowed="visitors" --show_tile="false" --protected="true"
+# Create a dedicated NGINX config
+ynh_add_nginx_config
 
 #=================================================
 # RELOAD NGINX
 #=================================================
-ynh_script_progression --message="Reloading NGINX web server..."  --weight=1
+ynh_script_progression --message="Reloading NGINX web server..." --weight=1
 
 ynh_systemd_action --service_name=nginx --action=reload
 
diff --git a/scripts/remove b/scripts/remove
index 58312dc..94db125 100755
--- a/scripts/remove
+++ b/scripts/remove
@@ -12,137 +12,43 @@ source /usr/share/yunohost/helpers
 #=================================================
 # LOAD SETTINGS
 #=================================================
-ynh_script_progression --message="Loading installation settings..."  --weight=1
+ynh_script_progression --message="Loading installation settings..." --weight=1
 
 app=$YNH_APP_INSTANCE_NAME
 
 domain=$(ynh_app_setting_get --app=$app --key=domain)
-# port=$(ynh_app_setting_get --app=$app --key=port)
-# db_name=$(ynh_app_setting_get --app=$app --key=db_name)
-# db_user=$db_name
 final_path=$(ynh_app_setting_get --app=$app --key=final_path)
-# datadir=$(ynh_app_setting_get --app=$app --key=datadir)
-
-#=================================================
-# STANDARD REMOVE
-#=================================================
-# REMOVE SERVICE INTEGRATION IN YUNOHOST
-#=================================================
-
-# Remove the service from the list of services known by YunoHost (added from `yunohost service add`)
-# if ynh_exec_warn_less yunohost service status $app >/dev/null
-# then
-# 	ynh_script_progression --message="Removing $app service integration..."  --weight=1
-# 	yunohost service remove $app
-# fi
-
-#=================================================
-# STOP AND REMOVE SERVICE
-#=================================================
-# ynh_script_progression --message="Stopping and removing the systemd service..."  --weight=1
-
-# Remove the dedicated systemd config
-# ynh_remove_systemd_config
-
-#=================================================
-# REMOVE LOGROTATE CONFIGURATION
-#=================================================
-# ynh_script_progression --message="Removing logrotate configuration..."  --weight=1
-
-# Remove the app-specific logrotate config
-# ynh_remove_logrotate
-
-#=================================================
-# REMOVE THE MYSQL DATABASE
-#=================================================
-# ynh_script_progression --message="Removing the MySQL database..."  --weight=1
-
-# Remove a database if it exists, along with the associated user
-# ynh_mysql_remove_db --db_user=$db_user --db_name=$db_name
 
 #=================================================
 # REMOVE APP MAIN DIR
 #=================================================
-ynh_script_progression --message="Removing app main directory..."  --weight=1
+ynh_script_progression --message="Removing app main directory..." --weight=1
 
 # Remove the app directory securely
 ynh_secure_remove --file="$final_path"
 
-#=================================================
-# REMOVE DATA DIR
-#=================================================
-
-# Remove the data directory if --purge option is used
-# if [ "${YNH_APP_PURGE:-0}" -eq 1 ]
-# then
-# 	ynh_script_progression --message="Removing app data directory..."  --weight=1
-# 	ynh_secure_remove --file="$datadir"
-# fi
-
-#=================================================
-# REMOVE NGINX CONFIGURATION
-#=================================================
-ynh_script_progression --message="Removing NGINX web server configuration..."  --weight=1
-
-# Remove the dedicated NGINX config
-ynh_remove_nginx_config
-
 #=================================================
 # REMOVE PHP-FPM CONFIGURATION
 #=================================================
-ynh_script_progression --message="Removing PHP-FPM configuration..."  --weight=1
+ynh_script_progression --message="Removing PHP-FPM configuration..." --weight=1
 
 # Remove the dedicated PHP-FPM config
 ynh_remove_fpm_config
 
 #=================================================
-# REMOVE DEPENDENCIES
+# REMOVE NGINX CONFIGURATION
 #=================================================
-# ynh_script_progression --message="Removing dependencies..."  --weight=1
+ynh_script_progression --message="Removing NGINX web server configuration..." --weight=1
 
-# Remove metapackage and its dependencies
-# ynh_remove_app_dependencies
-
-#=================================================
-# CLOSE A PORT
-#=================================================
-
-# if yunohost firewall list | grep -q "\- $port$"
-# then
-# 	ynh_script_progression --message="Closing port $port..."  --weight=1
-# 	ynh_exec_warn_less yunohost firewall disallow TCP $port
-# fi
-
-#=================================================
-# REMOVE FAIL2BAN CONFIGURATION
-#=================================================
-# ynh_script_progression --message="Removing Fail2Ban configuration..."  --weight=1
-
-# Remove the dedicated Fail2Ban config
-# ynh_remove_fail2ban_config
-
-#=================================================
-# SPECIFIC REMOVE
-#=================================================
-# REMOVE VARIOUS FILES
-#=================================================
-# ynh_script_progression --message="Removing various files..."  --weight=1
-
-# Remove a cron file
-# ynh_secure_remove --file="/etc/cron.d/$app"
-
-# Remove a directory securely
-# ynh_secure_remove --file="/etc/$app"
-
-# Remove the log files
-# ynh_secure_remove --file="/var/log/$app"
+# Remove the dedicated NGINX config
+ynh_remove_nginx_config
 
 #=================================================
 # GENERIC FINALIZATION
 #=================================================
 # REMOVE DEDICATED USER
 #=================================================
-ynh_script_progression --message="Removing the dedicated system user..."  --weight=1
+ynh_script_progression --message="Removing the dedicated system user..." --weight=1
 
 # Delete a system user
 ynh_system_user_delete --username=$app
@@ -151,4 +57,4 @@ ynh_system_user_delete --username=$app
 # END OF SCRIPT
 #=================================================
 
-ynh_script_progression --message="Removal of $app completed"  --last
+ynh_script_progression --message="Removal of $app completed" --last
diff --git a/scripts/restore b/scripts/restore
index bba214e..2a476e9 100755
--- a/scripts/restore
+++ b/scripts/restore
@@ -31,10 +31,7 @@ app=$YNH_APP_INSTANCE_NAME
 domain=$(ynh_app_setting_get --app=$app --key=domain)
 path_url=$(ynh_app_setting_get --app=$app --key=path)
 final_path=$(ynh_app_setting_get --app=$app --key=final_path)
-# db_name=$(ynh_app_setting_get --app=$app --key=db_name)
-# db_user=$db_name
 phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
-# datadir=$(ynh_app_setting_get --app=$app --key=datadir)
 
 #=================================================
 # CHECK IF THE APP CAN BE RESTORED
@@ -68,35 +65,10 @@ ynh_script_progression --message="Restoring the app main directory..."  --weight
 
 ynh_restore_file --origin_path="$final_path"
 
-# FIXME: this should be managed by the core in the future
-# Here, as a packager, you may have to tweak the ownerhsip/permissions
-# such that the appropriate users (e.g. maybe www-data) can access
-# files in some cases.
-# But FOR THE LOVE OF GOD, do not allow r/x for "others" on the entire folder -
-# this will be treated as a security issue.
 chmod 750 "$final_path"
 chmod -R o-rwx "$final_path"
 chown -R $app:www-data "$final_path"
 
-#=================================================
-# RESTORE THE DATA DIRECTORY
-#=================================================
-# ynh_script_progression --message="Restoring the data directory..."  --weight=1
-
-# ynh_restore_file --origin_path="$datadir" --not_mandatory
-
-# mkdir -p $datadir
-
-# FIXME: this should be managed by the core in the future
-# Here, as a packager, you may have to tweak the ownerhsip/permissions
-# such that the appropriate users (e.g. maybe www-data) can access
-# files in some cases.
-# But FOR THE LOVE OF GOD, do not allow r/x for "others" on the entire folder -
-# this will be treated as a security issue.
-# chmod 750 "$datadir"
-# chmod -R o-rwx "$datadir"
-# chown -R $app:www-data "$datadir"
-
 #=================================================
 # RESTORE THE PHP-FPM CONFIGURATION
 #=================================================
@@ -104,72 +76,6 @@ ynh_script_progression --message="Restoring the PHP-FPM configuration..."  --wei
 
 ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf"
 
-#=================================================
-# RESTORE FAIL2BAN CONFIGURATION
-#=================================================
-# ynh_script_progression --message="Restoring the Fail2Ban configuration..."  --weight=1
-
-# ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf"
-# ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf"
-# ynh_systemd_action --action=restart --service_name=fail2ban
-
-#=================================================
-# SPECIFIC RESTORATION
-#=================================================
-# REINSTALL DEPENDENCIES
-#=================================================
-# ynh_script_progression --message="Reinstalling dependencies..."  --weight=1
-
-# Define and install dependencies
-# ynh_install_app_dependencies $pkg_dependencies
-
-#=================================================
-# RESTORE THE MYSQL DATABASE
-#=================================================
-# ynh_script_progression --message="Restoring the MySQL database..."  --weight=1
-
-# db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd)
-# ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd
-# ynh_mysql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql
-
-#=================================================
-# RESTORE VARIOUS FILES
-#=================================================
-# ynh_script_progression --message="Restoring various files..."  --weight=1
-
-# ynh_restore_file --origin_path="/etc/cron.d/$app"
-
-# ynh_restore_file --origin_path="/etc/$app/"
-
-#=================================================
-# RESTORE SYSTEMD
-#=================================================
-# ynh_script_progression --message="Restoring the systemd configuration..."  --weight=1
-
-# ynh_restore_file --origin_path="/etc/systemd/system/$app.service"
-# systemctl enable $app.service --quiet
-
-#=================================================
-# RESTORE THE LOGROTATE CONFIGURATION
-#=================================================
-# ynh_script_progression --message="Restoring the logrotate configuration..."  --weight=1
-
-# ynh_restore_file --origin_path="/etc/logrotate.d/$app"
-
-#=================================================
-# INTEGRATE SERVICE IN YUNOHOST
-#=================================================
-# ynh_script_progression --message="Integrating service in YunoHost..."  --weight=1
-
-# yunohost service add $app --description="A short description of the app" --log="/var/log/$app/$app.log"
-
-#=================================================
-# START SYSTEMD SERVICE
-#=================================================
-# ynh_script_progression --message="Starting a systemd service..."  --weight=1
-
-# ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"
-
 #=================================================
 # GENERIC FINALIZATION
 #=================================================
diff --git a/scripts/upgrade b/scripts/upgrade
index 985299d..1b0e664 100644
--- a/scripts/upgrade
+++ b/scripts/upgrade
@@ -12,33 +12,24 @@ source /usr/share/yunohost/helpers
 #=================================================
 # LOAD SETTINGS
 #=================================================
-ynh_script_progression --message="Loading installation settings..."  --weight=1
+ynh_script_progression --message="Loading installation settings..." --weight=1
 
 app=$YNH_APP_INSTANCE_NAME
 
 domain=$(ynh_app_setting_get --app=$app --key=domain)
 path_url=$(ynh_app_setting_get --app=$app --key=path)
-# language=$(ynh_app_setting_get --app=$app --key=language)
-# admin=$(ynh_app_setting_get --app=$app --key=admin)
 final_path=$(ynh_app_setting_get --app=$app --key=final_path)
-# db_name=$(ynh_app_setting_get --app=$app --key=db_name)
 
 #=================================================
 # CHECK VERSION
 #=================================================
 
-### This helper will compare the version of the currently installed app and the version of the upstream package.
-### $upgrade_type can have 2 different values
-### - UPGRADE_APP if the upstream app version has changed
-### - UPGRADE_PACKAGE if only the YunoHost package has changed
-### ynh_check_app_version_changed will stop the upgrade if the app is up to date.
-### UPGRADE_APP should be used to upgrade the core app only if there's an upgrade to do.
 upgrade_type=$(ynh_check_app_version_changed)
 
 #=================================================
 # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
 #=================================================
-ynh_script_progression --message="Backing up the app before upgrading (may take a while)..."  --weight=1
+ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=1
 
 # Backup the current version of the app
 ynh_backup_before_upgrade
@@ -49,40 +40,10 @@ ynh_clean_setup () {
 # Exit if an error occurs during the execution of the script
 ynh_abort_if_errors
 
-#=================================================
-# STANDARD UPGRADE STEPS
-#=================================================
-# STOP SYSTEMD SERVICE
-#=================================================
-# ynh_script_progression --message="Stopping a systemd service..."  --weight=1
-
-# ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log"
-
 #=================================================
 # ENSURE DOWNWARD COMPATIBILITY
 #=================================================
-ynh_script_progression --message="Ensuring downward compatibility..."  --weight=1
-
-#
-# N.B. : the followings setting migrations snippets are provided as *EXAMPLES*
-# of what you may want to do in some cases (e.g. a setting was not defined on
-# some legacy installs and you therefore want to initiaze stuff during upgrade)
-#
-
-# If db_name doesn't exist, create it
-#if [ -z "$db_name" ]; then
-#	db_name=$(ynh_sanitize_dbid --db_name=$app)
-#	ynh_app_setting_set --app=$app --key=db_name --value=$db_name
-#fi
-
-# If final_path doesn't exist, create it
-#if [ -z "$final_path" ]; then
-#	final_path=/var/www/$app
-#	ynh_app_setting_set --app=$app --key=final_path --value=$final_path
-#fi
-
-### If nobody installed your app before 4.1,
-### then you may safely remove these lines
+ynh_script_progression --message="Ensuring downward compatibility..." --weight=1
 
 # Cleaning legacy permissions
 if ynh_legacy_permissions_exists; then
@@ -91,20 +52,10 @@ if ynh_legacy_permissions_exists; then
 	ynh_app_setting_delete --app=$app --key=is_public
 fi
 
-# if ! ynh_permission_exists --permission="admin"; then
-	# Create the required permissions
-#	ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin
-# fi
-
-# Create a permission if needed
-# if ! ynh_permission_exists --permission="api"; then
-#	ynh_permission_create --permission="api" --url="/api" --allowed="visitors" --show_tile="false" --protected="true"
-# fi
-
 #=================================================
 # CREATE DEDICATED USER
 #=================================================
-ynh_script_progression --message="Making sure dedicated system user exists..."  --weight=1
+ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1
 
 # Create a dedicated user (if not existing)
 ynh_system_user_create --username=$app --home_dir="$final_path"
@@ -115,120 +66,36 @@ ynh_system_user_create --username=$app --home_dir="$final_path"
 
 if [ "$upgrade_type" == "UPGRADE_APP" ]
 then
-	ynh_script_progression --message="Upgrading source files..."  --weight=1
+	ynh_script_progression --message="Upgrading source files..." --weight=1
 
 	# Download, check integrity, uncompress and patch the source from app.src
 	ynh_setup_source --dest_dir="$final_path"
 fi
 
-# FIXME: this should be managed by the core in the future
-# Here, as a packager, you may have to tweak the ownerhsip/permissions
-# such that the appropriate users (e.g. maybe www-data) can access
-# files in some cases.
-# But FOR THE LOVE OF GOD, do not allow r/x for "others" on the entire folder -
-# this will be treated as a security issue.
 chmod 750 "$final_path"
 chmod -R o-rwx "$final_path"
 chown -R $app:www-data "$final_path"
 
-#=================================================
-# NGINX CONFIGURATION
-#=================================================
-ynh_script_progression --message="Upgrading NGINX web server configuration..."  --weight=1
-
-# Create a dedicated NGINX config
-ynh_add_nginx_config
-
-#=================================================
-# UPGRADE DEPENDENCIES
-#=================================================
-# ynh_script_progression --message="Upgrading dependencies..."  --weight=1
-
-# ynh_install_app_dependencies $pkg_dependencies
-
 #=================================================
 # PHP-FPM CONFIGURATION
 #=================================================
-ynh_script_progression --message="Upgrading PHP-FPM configuration..."  --weight=1
+ynh_script_progression --message="Upgrading PHP-FPM configuration..." --weight=1
 
 # Create a dedicated PHP-FPM config
 ynh_add_fpm_config
 
 #=================================================
-# SPECIFIC UPGRADE
-#=================================================
-# ...
+# NGINX CONFIGURATION
 #=================================================
+ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=1
 
-#=================================================
-# UPDATE A CONFIG FILE
-#=================================================
-# ynh_script_progression --message="Updating a configuration file..."  --weight=1
-
-### Same as during install
-###
-### The file will automatically be backed-up if it's found to be manually modified (because
-### ynh_add_config keeps track of the file's checksum)
-
-# ynh_add_config --template="some_config_file" --destination="$final_path/some_config_file"
-
-# FIXME: this should be handled by the core in the future
-# You may need to use chmod 600 instead of 400,
-# for example if the app is expected to be able to modify its own config
-# chmod 400 "$final_path/some_config_file"
-# chown $app:$app "$final_path/some_config_file"
-
-### For more complex cases where you want to replace stuff using regexes,
-### you shoud rely on ynh_replace_string (which is basically a wrapper for sed)
-### When doing so, you also need to manually call ynh_store_file_checksum
-###
-### ynh_replace_string --match_string="match_string" --replace_string="replace_string" --target_file="$final_path/some_config_file"
-### ynh_store_file_checksum --file="$final_path/some_config_file"
-
-#=================================================
-# SETUP SYSTEMD
-#=================================================
-# ynh_script_progression --message="Upgrading systemd configuration..."  --weight=1
-
-# Create a dedicated systemd config
-# ynh_add_systemd_config
-
-#=================================================
-# GENERIC FINALIZATION
-#=================================================
-# SETUP LOGROTATE
-#=================================================
-# ynh_script_progression --message="Upgrading logrotate configuration..."  --weight=1
-
-# Use logrotate to manage app-specific logfile(s)
-# ynh_use_logrotate --non-append
-
-#=================================================
-# INTEGRATE SERVICE IN YUNOHOST
-#=================================================
-# ynh_script_progression --message="Integrating service in YunoHost..."  --weight=1
-
-# yunohost service add $app --description="A short description of the app" --log="/var/log/$app/$app.log"
-
-#=================================================
-# START SYSTEMD SERVICE
-#=================================================
-# ynh_script_progression --message="Starting a systemd service..."  --weight=1
-
-# ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"
-
-#=================================================
-# UPGRADE FAIL2BAN
-#=================================================
-# ynh_script_progression --message="Reconfiguring Fail2Ban..."  --weight=1
-
-# Create a dedicated Fail2Ban config
-# ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login"
+# Create a dedicated NGINX config
+ynh_add_nginx_config
 
 #=================================================
 # RELOAD NGINX
 #=================================================
-ynh_script_progression --message="Reloading NGINX web server..."  --weight=1
+ynh_script_progression --message="Reloading NGINX web server..." --weight=1
 
 ynh_systemd_action --service_name=nginx --action=reload
 

From 16e5d4fb36277e275c52e45142ec7c7193390770 Mon Sep 17 00:00:00 2001
From: yunohost-bot <yunohost@yunohost.org>
Date: Wed, 11 Jan 2023 14:55:28 +0000
Subject: [PATCH 2/5] Auto-update README

---
 README.md    | 69 +++++++----------------------------------------
 README_fr.md | 75 +++++++++++-----------------------------------------
 2 files changed, 25 insertions(+), 119 deletions(-)

diff --git a/README.md b/README.md
index 4b225f5..ad9ca7e 100644
--- a/README.md
+++ b/README.md
@@ -5,7 +5,7 @@ It shall NOT be edited by hand.
 
 # TrustyHash for YunoHost
 
-[![Integration level](https://dash.yunohost.org/integration/trustyhash.svg)](https://dash.yunohost.org/appci/app/trustyhash) ![](https://ci-apps.yunohost.org/ci/badges/trustyhash.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/trustyhash.maintain.svg)  
+[![Integration level](https://dash.yunohost.org/integration/trustyhash.svg)](https://dash.yunohost.org/appci/app/trustyhash) ![Working status](https://ci-apps.yunohost.org/ci/badges/trustyhash.status.svg) ![Maintenance status](https://ci-apps.yunohost.org/ci/badges/trustyhash.maintain.svg)  
 [![Install TrustyHash with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=trustyhash)
 
 *[Lire ce readme en français.](./README_fr.md)*
@@ -15,61 +15,11 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in
 
 ## Overview
 
-# TrustyHash - A Trustable Hash Calculator
-
 TrustyHash is a small [client-side](https://unhosted.org/) web application that
 computes SHA-256 hash values on both local files and on remote URLs, with a
 strong emphasis on a process that will allow you to trust the results. Works
 offline!
 
-TrustyHash homepage: https://github.com/sprin/TrustyHash
-
-[Use it here](https://sprin.github.io/TrustyHash/)
-
-## How is this useful?
-
-Integrity: "We have in hand the same set of sequences of bits that came into
-existence when the object was created" - [Lynch](http://www.clir.org/pubs/reports/pub92/lynch.html)
-
-"Friends don't let friends use unverified downloads."
-
-This fills a need for a verifiable, web-based hash calculator written in free
-JavaScript. If you already use the command-line hash utilities on your
-system, you should continue to use those. This is targeted towards users who do
-not have or are unable to use the hash utilities on their local systems. While
-universal command-line-literacy is a good goal, the concepts of file integrity and
-authenticity and the ability to use tools for verification are perhaps more
-fundamental.
-
-Integrity is the first link in secure systems, and key to determining
-authenticity. If we trust the association between an author and the hash value
-of a file they created, perhaps because we trust them and they gave us the
-hash in person, we can authenticate whether a file we believe to be the same
-really did come from them. We can achieve the same result if the author had
-used a signing key, and signed and distributed a hash value along with the
-file, and we could trust the association between a particular key and the
-author - albeit with somewhat more complexity and caveats (eg, has the signing
-key been kept private?).
-
-In a few words, this tool aims to enable verification of integrity and
-authenticity claims in an accessible way that depends only on a trusted hash
-value and the correctness and integrity of the TrustyHash app and the browser
-it executes in. See the section "Trust" below for recommendations on
-how to verify integrity of this application.
-
-## Usage
-
-Local files can be opened from a file select dialog, or dragged into the "drop
-area". Remote URLs can be entered, and if the remote server allows cross-origin
-GET requests via
-[CORS](https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS),
-the file will be downloaded to the browser, with the option of saving locally.
-
-It's recommended to save the application, verify the integrity, and use the
-saved copy from then on. To save from the browser, use "Save Page" > "Web Page,
-HTML Only", and use a filename of `TrustyHash.html`. To verify, read the
-section on "Trust" below.
-
 
 **Shipped version:** 1.0~ynh1
 
@@ -77,7 +27,7 @@ section on "Trust" below.
 
 ## Screenshots
 
-![](./doc/screenshots/example.jpg)
+![Screenshot of TrustyHash](./doc/screenshots/example.jpg)
 
 ## Disclaimers / important information
 
@@ -370,21 +320,22 @@ the browser, as recommended anyway.
 
 ## Documentation and resources
 
-* Official app website: https://github.com/sprin/TrustyHash
-* Official user documentation: https://github.com/sprin/TrustyHash
-* Upstream app code repository: https://github.com/sprin/TrustyHash
-* YunoHost documentation for this app: https://yunohost.org/app_trustyhash
-* Report a bug: https://github.com/YunoHost-Apps/trustyhash_ynh/issues
+* Official app website: <https://github.com/sprin/TrustyHash>
+* Official user documentation: <https://github.com/sprin/TrustyHash>
+* Upstream app code repository: <https://github.com/sprin/TrustyHash>
+* YunoHost documentation for this app: <https://yunohost.org/app_trustyhash>
+* Report a bug: <https://github.com/YunoHost-Apps/trustyhash_ynh/issues>
 
 ## Developer info
 
 Please send your pull request to the [testing branch](https://github.com/YunoHost-Apps/trustyhash_ynh/tree/testing).
 
 To try the testing branch, please proceed like that.
-```
+
+``` bash
 sudo yunohost app install https://github.com/YunoHost-Apps/trustyhash_ynh/tree/testing --debug
 or
 sudo yunohost app upgrade trustyhash -u https://github.com/YunoHost-Apps/trustyhash_ynh/tree/testing --debug
 ```
 
-**More info regarding app packaging:** https://yunohost.org/packaging_apps
\ No newline at end of file
+**More info regarding app packaging:** <https://yunohost.org/packaging_apps>
diff --git a/README_fr.md b/README_fr.md
index 0265f4b..169081a 100644
--- a/README_fr.md
+++ b/README_fr.md
@@ -1,71 +1,25 @@
+<!--
+N.B.: This README was automatically generated by https://github.com/YunoHost/apps/tree/master/tools/README-generator
+It shall NOT be edited by hand.
+-->
+
 # TrustyHash pour YunoHost
 
-[![Niveau d'intégration](https://dash.yunohost.org/integration/trustyhash.svg)](https://dash.yunohost.org/appci/app/trustyhash) ![](https://ci-apps.yunohost.org/ci/badges/trustyhash.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/trustyhash.maintain.svg)  
+[![Niveau d'intégration](https://dash.yunohost.org/integration/trustyhash.svg)](https://dash.yunohost.org/appci/app/trustyhash) ![Statut du fonctionnement](https://ci-apps.yunohost.org/ci/badges/trustyhash.status.svg) ![Statut de maintenance](https://ci-apps.yunohost.org/ci/badges/trustyhash.maintain.svg)  
 [![Installer TrustyHash avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=trustyhash)
 
 *[Read this readme in english.](./README.md)*
-*[Lire ce readme en français.](./README_fr.md)*
 
 > *Ce package vous permet d'installer TrustyHash rapidement et simplement sur un serveur YunoHost.
 Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l'installer et en profiter.*
 
 ## Vue d'ensemble
 
-# TrustyHash - A Trustable Hash Calculator
-
 TrustyHash is a small [client-side](https://unhosted.org/) web application that
 computes SHA-256 hash values on both local files and on remote URLs, with a
 strong emphasis on a process that will allow you to trust the results. Works
 offline!
 
-TrustyHash homepage: https://github.com/sprin/TrustyHash
-
-[Use it here](https://sprin.github.io/TrustyHash/)
-
-## How is this useful?
-
-Integrity: "We have in hand the same set of sequences of bits that came into
-existence when the object was created" - [Lynch](http://www.clir.org/pubs/reports/pub92/lynch.html)
-
-"Friends don't let friends use unverified downloads."
-
-This fills a need for a verifiable, web-based hash calculator written in free
-JavaScript. If you already use the command-line hash utilities on your
-system, you should continue to use those. This is targeted towards users who do
-not have or are unable to use the hash utilities on their local systems. While
-universal command-line-literacy is a good goal, the concepts of file integrity and
-authenticity and the ability to use tools for verification are perhaps more
-fundamental.
-
-Integrity is the first link in secure systems, and key to determining
-authenticity. If we trust the association between an author and the hash value
-of a file they created, perhaps because we trust them and they gave us the
-hash in person, we can authenticate whether a file we believe to be the same
-really did come from them. We can achieve the same result if the author had
-used a signing key, and signed and distributed a hash value along with the
-file, and we could trust the association between a particular key and the
-author - albeit with somewhat more complexity and caveats (eg, has the signing
-key been kept private?).
-
-In a few words, this tool aims to enable verification of integrity and
-authenticity claims in an accessible way that depends only on a trusted hash
-value and the correctness and integrity of the TrustyHash app and the browser
-it executes in. See the section "Trust" below for recommendations on
-how to verify integrity of this application.
-
-## Usage
-
-Local files can be opened from a file select dialog, or dragged into the "drop
-area". Remote URLs can be entered, and if the remote server allows cross-origin
-GET requests via
-[CORS](https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS),
-the file will be downloaded to the browser, with the option of saving locally.
-
-It's recommended to save the application, verify the integrity, and use the
-saved copy from then on. To save from the browser, use "Save Page" > "Web Page,
-HTML Only", and use a filename of `TrustyHash.html`. To verify, read the
-section on "Trust" below.
-
 
 **Version incluse :** 1.0~ynh1
 
@@ -73,7 +27,7 @@ section on "Trust" below.
 
 ## Captures d'écran
 
-![](./doc/screenshots/example.jpg)
+![Capture d'écran de TrustyHash](./doc/screenshots/example.jpg)
 
 ## Avertissements / informations importantes
 
@@ -366,21 +320,22 @@ the browser, as recommended anyway.
 
 ## Documentations et ressources
 
-* Site officiel de l'app : https://github.com/sprin/TrustyHash
-* Documentation officielle utilisateur : https://github.com/sprin/TrustyHash
-* Dépôt de code officiel de l'app : https://github.com/sprin/TrustyHash
-* Documentation YunoHost pour cette app : https://yunohost.org/app_trustyhash
-* Signaler un bug : https://github.com/YunoHost-Apps/trustyhash_ynh/issues
+* Site officiel de l'app : <https://github.com/sprin/TrustyHash>
+* Documentation officielle utilisateur : <https://github.com/sprin/TrustyHash>
+* Dépôt de code officiel de l'app : <https://github.com/sprin/TrustyHash>
+* Documentation YunoHost pour cette app : <https://yunohost.org/app_trustyhash>
+* Signaler un bug : <https://github.com/YunoHost-Apps/trustyhash_ynh/issues>
 
 ## Informations pour les développeurs
 
 Merci de faire vos pull request sur la [branche testing](https://github.com/YunoHost-Apps/trustyhash_ynh/tree/testing).
 
 Pour essayer la branche testing, procédez comme suit.
-```
+
+``` bash
 sudo yunohost app install https://github.com/YunoHost-Apps/trustyhash_ynh/tree/testing --debug
 ou
 sudo yunohost app upgrade trustyhash -u https://github.com/YunoHost-Apps/trustyhash_ynh/tree/testing --debug
 ```
 
-**Plus d'infos sur le packaging d'applications :** https://yunohost.org/packaging_apps
\ No newline at end of file
+**Plus d'infos sur le packaging d'applications :** <https://yunohost.org/packaging_apps>

From 732a9b3826d448c14c35fafd312ff48440831ecd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C3=89ric=20Gaspar?=
 <46165813+ericgaspar@users.noreply.github.com>
Date: Wed, 11 Jan 2023 15:56:16 +0100
Subject: [PATCH 3/5] Update DISCLAIMER.md

---
 doc/DISCLAIMER.md | 286 ----------------------------------------------
 1 file changed, 286 deletions(-)

diff --git a/doc/DISCLAIMER.md b/doc/DISCLAIMER.md
index 842c1e6..e69de29 100644
--- a/doc/DISCLAIMER.md
+++ b/doc/DISCLAIMER.md
@@ -1,286 +0,0 @@
-## Trust
-
-This app does the hash calculation in the browser using the
-[WebCryptoAPI](https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/digest).
-This means we can trust the hash calculation under the following assumptions:
-
- - The integrity of the application has been preserved when it executes in the
-   browser.
- - The browser and any extensions can be trusted.
-
-### Integrity of the TrustyHash itself
-
-Because the application itself is a single HTML file which can be saved locally,
-there are various means for verifying integrity.
-
-#### Trusted Hash Utility
-
-The most reliable way to verify is to compute the hash of the HTML file with a
-trusted hash utility on the local system, and compare against the values
-published below.
-
-#### Code Audit
-
-Someone familiar with JavaScript can spend a few minutes reading the concise
-source to be assured that the program does what it claims to.
-
-#### No Hash Utility, Can't Audit Code?
-
-Hmm, no trusted hash utility, can't audit the code... you just can't give up
-and use your copy of TrustyHash without trusting it! While you could try some
-half-measure like getting some kind of consensus on the hash value of
-TrustyHash from untrusted hash utilities on the web, maybe other copies of
-TrustyHash found elsewhere... ultimately if you really need to trust
-TrustyHash, you've got to be a bit more rigorous.
-
-Without knowing a thing about JavaScript until this moment, you can create a
-very small, simple program in about 5 minutes, that while not as nice as
-TrustyHash perhaps, will get the job of hashing a local file done. As long as
-you can follow along as the following code is explained, and you can be pretty
-confident the code is not doing anything fishy, you can use this to verify
-TrustyHash itself. I'll show you the whole program up-front before I explain
-it - see, 5 minutes, no more!
-
-```
-<!doctype html>
-<html>
-<body>
-<script>
-var fileinput = document.createElement('input')
-fileinput.type = 'file'
-fileinput.onchange = function(){
-var reader = new FileReader()
-reader.readAsArrayBuffer(this.files[0]);
-reader.onload = function(){
-crypto.subtle.digest("SHA-256", this.result)
-.then(function(buffer) {
-var hexCodes = []
-var view = new DataView(buffer)
-for (var i = 0; i < view.byteLength; i += 1) {
-var stringValue = view.getUint8(i).toString(16)
-var paddedValue = ('0' + stringValue).slice(-2)
-hexCodes.push(paddedValue)}
-alert(hexCodes.join(""))})}}
-document.body.appendChild(fileinput)
-</script>
-</body>
-</html>
-```
-
-JavaScript programmers may take offense with the lack of conventional
-formatting above, but I'm trying to making this easy to re-type for someone who
-shouldn't need to be concerned with formatting conventions.
-
-Now a more-or-less line-by-line explanation:
-
-```
-<!doctype html>
-<html>
-<body>
-<input type="file">
-<script>
-```
-
-These lines declare an HTML document with a file input and a script. HTML
-technically requires a `<head>` element, but I'm trying to save you a bit of
-typing. Now let's get into the JavaScript itself:
-
-```
-document.querySelector('input').onchange = function(){
-```
-
-This says, when a file is selected via the file input...
-
-```
-var reader = new FileReader()
-```
-
-...create a reader to read the file.
-
-```
-reader.readAsArrayBuffer(this.files[0])
-```
-
-Read the file into memory.
-
-```
-reader.onload = function(){
-```
-
-When the reader finishes...
-
-```
-crypto.subtle.digest("SHA-256", this.result)
-```
-
-Hash the buffer with SHA-256.
-
-```
-.then(function(buffer) {
-```
-
-When hashing finishes, we have an unprintable object, called a buffer...
-
-```
-var hexCodes = []
-```
-
-...that we want to turn in to printable hex codes, which is just a way to
-represent a number using only the characters 0 to 9 and 'a' to 'f'. Hex codes
-are the standard representation of SHA-256 hash values.
-
-
-```
-var view = new DataView(buffer)
-```
-
-We create a view so we can read the buffer in chunks.
-
-```
-for (var i = 0; i < view.byteLength; i += 1) {
-```
-
-With each byte-size chunk...
-
-```
-var stringValue = view.getUint8(i).toString(16)
-```
-
-...convert each chunk to a number and get a string, which is just something we
-can print. The string will be one or two hex digits.
-
-```
-var paddedValue = ('0' + stringValue).slice(-2)
-```
-
-To correctly print the string as a hex code, we need to add a zero to the front
-in case the number is less than two hex digits, keeping the last two digits.
-
-```
-hexCodes.push(paddedValue)}
-```
-
-Keep the string we just created before moving on to the next chunk.
-
-```
-alert(hexCodes.join(""))})}}
-```
-
-Join all the strings created from each chunk together and pop it up on the
-screen. That's it!
-
-```
-</script>
-</body>
-</html>
-```
-
-Oh, and we need these lines to formally close the HTML document.
-
-If you followed all that, put this code into a file called
-`TrustyHashLite.html` and open it up in your browser. I recommend re-typing,
-rather than copy-pasting, since there are a bunch of sneaky ways someone could
-trick you into copy-pasting something besides what you see on a web page. If
-creating HTML files by hand is a bit confusing, you can save [the file I
-created for
-you](https://raw.githubusercontent.com/sprin/TrustyHash/master/TrustyHashLite.html)
-as long as you promise you will make sure the code matches the above after you
-have saved it. One way to do this is to open the file in a browser, right-click
-and select "View Page Source".
-
-Open the `TrustyHashLite.html` file in your browser, click the file input
-button, select the `TrustyHash.html` you saved earlier. If the printed hex code
-matches the published hash values, congratulations, you just wrote a program
-that computes SHA-256 hashes *and* used it to validate TrustyHash!
-
-### Hash Values
-
-TODO: Publish hash value for 1.0.0
-
-### Integrity of the Browser
-
-In order to trust the results of TrustyHash, we need to trust the browser that
-it runs in. Is the implementation of WebCryptoAPI to be trusted? Are extensions
-able to modify the result the user sees?
-
-If one is able to see the source of the browser and deterministic, reproducible
-builds are possible, then we can start to form a strong basis of trust. Closed
-source browsers must be excluded - the vendor is not able to assert a strong
-claim of *what* they are distributing. At best, they may be able to publish
-complete specifications for all functionality, but users still must trust the
-vendor ultimately to actually implement the specifications as claimed. The
-point is moot since no closed-source browser vendor publishes complete
-specifications anyway.
-
-Currently, open-source browsers are little better off. Deterministic builds are
-still a work-in-progress for all popular open-source browsers
-([Tor Browser](https://blog.torproject.org/category/tags/deterministic-builds),
-[Firefox](https://bugzilla.mozilla.org/show_bug.cgi?id=885777),
-[Chromium](https://bugs.chromium.org/p/chromium/issues/detail?id=314403).
-Without deterministic builds, we must still trust the vendor ultimately to
-build and distribute what they say they are building. If we trust the vendor
-when they say, "deterministic builds are hard, we are working on it", and we
-can trust them to secure their build environment, then we can take the signed
-hash values they publish to represent the objects built from the published
-sources.
-
-So then there are three realistic ways we might have a trusted browser on our
-systems:
-
- - A verified open-source browser was bundled with our trusted operating system
-   distro.
- - We installed an open-source browser from a trusted package manager that
-   handled checking verification for us.
- - We downloaded the open-source browser directly from the vendor and checked
-   the signatures/hashes ourselves.
-
-The third possible way, which is only feasible for a tiny fraction of extremely
-diligent users, is to build the browser from source, rebuilding whenever
-security updates are pushed to users.
-
-Since the majority of browser users do not use an operating system that bundles
-a verified open-source browser nor supplies a package manager which can
-download and verify an open-source browser for them, this leaves manually
-verifying. Because no operating system makes it easy or obvious to verify
-signed downloads and awareness of the importance of verification is very low,
-we have to conclude that the majority of browser users have very little basis
-for trusting their browser. Similar arguments can be made for the operating
-system as a whole.
-
-So where does that leave us? Is running any program inside a browser with any
-degre of trust hopeless for the vast majority of users? I would say that we may
-be forced to accept some uncertainty that a program such as TrustyHash will
-produce the correct results in an untrusted browser. If we accept this
-uncertainty, we can use TrustyHash to bootstrap trust for a new browser or even
-operating system. This, I think, is the real value of TrustyHash - to bootstrap
-trust on a system by providing the best possible effort at producing trusted
-hash values in an accessible way.
-
-## Deployment
-
-The entire application is packaged in a single, brief HTML file. Simply deploy
-the file under the web server root directory.
-
-## Why only SHA-256?
-
-SHA-256 remains the de facto standard for verifying files via hash in 2016.
-Here are some popular projects have standardized on SHA-256 for verifying
-release materials:
-
- - [Tor Browser](https://www.torproject.org/docs/verifying-signatures.html#BuildVerification)
- - [OpenBSD](http://man.openbsd.org/signify)
- - [FreeBSD](https://www.freebsd.org/releases/10.2R/signatures.html)
- - [Centos](http://mirror.centos.org/centos/7/isos/x86_64/sha256sum.txt)
- - [Fedora](https://getfedora.org/verify)
-
-In the interests of standardization and keeping things simple, only SHA-256
-will be shown. A possible addition to this project is to allow the user to
-select other hash algorithms, with SHA-256 remaining the default.
-
-## Limitations
-
-When the application is retrieved on an HTTPS connection, the application
-cannot fetch HTTP URLs due to restrictions against [mixed active
-content](https://developer.mozilla.org/en-US/docs/Security/Mixed_content#Mixed_active_content]).
-A workaround for this is to save the page locally and open the local copy in
-the browser, as recommended anyway.

From b34f8a830d30d4aa5e73e3b0067e17fa4063f294 Mon Sep 17 00:00:00 2001
From: yunohost-bot <yunohost@yunohost.org>
Date: Wed, 11 Jan 2023 14:56:29 +0000
Subject: [PATCH 4/5] Auto-update README

---
 README.md    | 289 ---------------------------------------------------
 README_fr.md | 289 ---------------------------------------------------
 2 files changed, 578 deletions(-)

diff --git a/README.md b/README.md
index ad9ca7e..1adb070 100644
--- a/README.md
+++ b/README.md
@@ -29,295 +29,6 @@ offline!
 
 ![Screenshot of TrustyHash](./doc/screenshots/example.jpg)
 
-## Disclaimers / important information
-
-## Trust
-
-This app does the hash calculation in the browser using the
-[WebCryptoAPI](https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/digest).
-This means we can trust the hash calculation under the following assumptions:
-
- - The integrity of the application has been preserved when it executes in the
-   browser.
- - The browser and any extensions can be trusted.
-
-### Integrity of the TrustyHash itself
-
-Because the application itself is a single HTML file which can be saved locally,
-there are various means for verifying integrity.
-
-#### Trusted Hash Utility
-
-The most reliable way to verify is to compute the hash of the HTML file with a
-trusted hash utility on the local system, and compare against the values
-published below.
-
-#### Code Audit
-
-Someone familiar with JavaScript can spend a few minutes reading the concise
-source to be assured that the program does what it claims to.
-
-#### No Hash Utility, Can't Audit Code?
-
-Hmm, no trusted hash utility, can't audit the code... you just can't give up
-and use your copy of TrustyHash without trusting it! While you could try some
-half-measure like getting some kind of consensus on the hash value of
-TrustyHash from untrusted hash utilities on the web, maybe other copies of
-TrustyHash found elsewhere... ultimately if you really need to trust
-TrustyHash, you've got to be a bit more rigorous.
-
-Without knowing a thing about JavaScript until this moment, you can create a
-very small, simple program in about 5 minutes, that while not as nice as
-TrustyHash perhaps, will get the job of hashing a local file done. As long as
-you can follow along as the following code is explained, and you can be pretty
-confident the code is not doing anything fishy, you can use this to verify
-TrustyHash itself. I'll show you the whole program up-front before I explain
-it - see, 5 minutes, no more!
-
-```
-<!doctype html>
-<html>
-<body>
-<script>
-var fileinput = document.createElement('input')
-fileinput.type = 'file'
-fileinput.onchange = function(){
-var reader = new FileReader()
-reader.readAsArrayBuffer(this.files[0]);
-reader.onload = function(){
-crypto.subtle.digest("SHA-256", this.result)
-.then(function(buffer) {
-var hexCodes = []
-var view = new DataView(buffer)
-for (var i = 0; i < view.byteLength; i += 1) {
-var stringValue = view.getUint8(i).toString(16)
-var paddedValue = ('0' + stringValue).slice(-2)
-hexCodes.push(paddedValue)}
-alert(hexCodes.join(""))})}}
-document.body.appendChild(fileinput)
-</script>
-</body>
-</html>
-```
-
-JavaScript programmers may take offense with the lack of conventional
-formatting above, but I'm trying to making this easy to re-type for someone who
-shouldn't need to be concerned with formatting conventions.
-
-Now a more-or-less line-by-line explanation:
-
-```
-<!doctype html>
-<html>
-<body>
-<input type="file">
-<script>
-```
-
-These lines declare an HTML document with a file input and a script. HTML
-technically requires a `<head>` element, but I'm trying to save you a bit of
-typing. Now let's get into the JavaScript itself:
-
-```
-document.querySelector('input').onchange = function(){
-```
-
-This says, when a file is selected via the file input...
-
-```
-var reader = new FileReader()
-```
-
-...create a reader to read the file.
-
-```
-reader.readAsArrayBuffer(this.files[0])
-```
-
-Read the file into memory.
-
-```
-reader.onload = function(){
-```
-
-When the reader finishes...
-
-```
-crypto.subtle.digest("SHA-256", this.result)
-```
-
-Hash the buffer with SHA-256.
-
-```
-.then(function(buffer) {
-```
-
-When hashing finishes, we have an unprintable object, called a buffer...
-
-```
-var hexCodes = []
-```
-
-...that we want to turn in to printable hex codes, which is just a way to
-represent a number using only the characters 0 to 9 and 'a' to 'f'. Hex codes
-are the standard representation of SHA-256 hash values.
-
-
-```
-var view = new DataView(buffer)
-```
-
-We create a view so we can read the buffer in chunks.
-
-```
-for (var i = 0; i < view.byteLength; i += 1) {
-```
-
-With each byte-size chunk...
-
-```
-var stringValue = view.getUint8(i).toString(16)
-```
-
-...convert each chunk to a number and get a string, which is just something we
-can print. The string will be one or two hex digits.
-
-```
-var paddedValue = ('0' + stringValue).slice(-2)
-```
-
-To correctly print the string as a hex code, we need to add a zero to the front
-in case the number is less than two hex digits, keeping the last two digits.
-
-```
-hexCodes.push(paddedValue)}
-```
-
-Keep the string we just created before moving on to the next chunk.
-
-```
-alert(hexCodes.join(""))})}}
-```
-
-Join all the strings created from each chunk together and pop it up on the
-screen. That's it!
-
-```
-</script>
-</body>
-</html>
-```
-
-Oh, and we need these lines to formally close the HTML document.
-
-If you followed all that, put this code into a file called
-`TrustyHashLite.html` and open it up in your browser. I recommend re-typing,
-rather than copy-pasting, since there are a bunch of sneaky ways someone could
-trick you into copy-pasting something besides what you see on a web page. If
-creating HTML files by hand is a bit confusing, you can save [the file I
-created for
-you](https://raw.githubusercontent.com/sprin/TrustyHash/master/TrustyHashLite.html)
-as long as you promise you will make sure the code matches the above after you
-have saved it. One way to do this is to open the file in a browser, right-click
-and select "View Page Source".
-
-Open the `TrustyHashLite.html` file in your browser, click the file input
-button, select the `TrustyHash.html` you saved earlier. If the printed hex code
-matches the published hash values, congratulations, you just wrote a program
-that computes SHA-256 hashes *and* used it to validate TrustyHash!
-
-### Hash Values
-
-TODO: Publish hash value for 1.0.0
-
-### Integrity of the Browser
-
-In order to trust the results of TrustyHash, we need to trust the browser that
-it runs in. Is the implementation of WebCryptoAPI to be trusted? Are extensions
-able to modify the result the user sees?
-
-If one is able to see the source of the browser and deterministic, reproducible
-builds are possible, then we can start to form a strong basis of trust. Closed
-source browsers must be excluded - the vendor is not able to assert a strong
-claim of *what* they are distributing. At best, they may be able to publish
-complete specifications for all functionality, but users still must trust the
-vendor ultimately to actually implement the specifications as claimed. The
-point is moot since no closed-source browser vendor publishes complete
-specifications anyway.
-
-Currently, open-source browsers are little better off. Deterministic builds are
-still a work-in-progress for all popular open-source browsers
-([Tor Browser](https://blog.torproject.org/category/tags/deterministic-builds),
-[Firefox](https://bugzilla.mozilla.org/show_bug.cgi?id=885777),
-[Chromium](https://bugs.chromium.org/p/chromium/issues/detail?id=314403).
-Without deterministic builds, we must still trust the vendor ultimately to
-build and distribute what they say they are building. If we trust the vendor
-when they say, "deterministic builds are hard, we are working on it", and we
-can trust them to secure their build environment, then we can take the signed
-hash values they publish to represent the objects built from the published
-sources.
-
-So then there are three realistic ways we might have a trusted browser on our
-systems:
-
- - A verified open-source browser was bundled with our trusted operating system
-   distro.
- - We installed an open-source browser from a trusted package manager that
-   handled checking verification for us.
- - We downloaded the open-source browser directly from the vendor and checked
-   the signatures/hashes ourselves.
-
-The third possible way, which is only feasible for a tiny fraction of extremely
-diligent users, is to build the browser from source, rebuilding whenever
-security updates are pushed to users.
-
-Since the majority of browser users do not use an operating system that bundles
-a verified open-source browser nor supplies a package manager which can
-download and verify an open-source browser for them, this leaves manually
-verifying. Because no operating system makes it easy or obvious to verify
-signed downloads and awareness of the importance of verification is very low,
-we have to conclude that the majority of browser users have very little basis
-for trusting their browser. Similar arguments can be made for the operating
-system as a whole.
-
-So where does that leave us? Is running any program inside a browser with any
-degre of trust hopeless for the vast majority of users? I would say that we may
-be forced to accept some uncertainty that a program such as TrustyHash will
-produce the correct results in an untrusted browser. If we accept this
-uncertainty, we can use TrustyHash to bootstrap trust for a new browser or even
-operating system. This, I think, is the real value of TrustyHash - to bootstrap
-trust on a system by providing the best possible effort at producing trusted
-hash values in an accessible way.
-
-## Deployment
-
-The entire application is packaged in a single, brief HTML file. Simply deploy
-the file under the web server root directory.
-
-## Why only SHA-256?
-
-SHA-256 remains the de facto standard for verifying files via hash in 2016.
-Here are some popular projects have standardized on SHA-256 for verifying
-release materials:
-
- - [Tor Browser](https://www.torproject.org/docs/verifying-signatures.html#BuildVerification)
- - [OpenBSD](http://man.openbsd.org/signify)
- - [FreeBSD](https://www.freebsd.org/releases/10.2R/signatures.html)
- - [Centos](http://mirror.centos.org/centos/7/isos/x86_64/sha256sum.txt)
- - [Fedora](https://getfedora.org/verify)
-
-In the interests of standardization and keeping things simple, only SHA-256
-will be shown. A possible addition to this project is to allow the user to
-select other hash algorithms, with SHA-256 remaining the default.
-
-## Limitations
-
-When the application is retrieved on an HTTPS connection, the application
-cannot fetch HTTP URLs due to restrictions against [mixed active
-content](https://developer.mozilla.org/en-US/docs/Security/Mixed_content#Mixed_active_content]).
-A workaround for this is to save the page locally and open the local copy in
-the browser, as recommended anyway.
-
 ## Documentation and resources
 
 * Official app website: <https://github.com/sprin/TrustyHash>
diff --git a/README_fr.md b/README_fr.md
index 169081a..b6fc1c0 100644
--- a/README_fr.md
+++ b/README_fr.md
@@ -29,295 +29,6 @@ offline!
 
 ![Capture d'écran de TrustyHash](./doc/screenshots/example.jpg)
 
-## Avertissements / informations importantes
-
-## Trust
-
-This app does the hash calculation in the browser using the
-[WebCryptoAPI](https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/digest).
-This means we can trust the hash calculation under the following assumptions:
-
- - The integrity of the application has been preserved when it executes in the
-   browser.
- - The browser and any extensions can be trusted.
-
-### Integrity of the TrustyHash itself
-
-Because the application itself is a single HTML file which can be saved locally,
-there are various means for verifying integrity.
-
-#### Trusted Hash Utility
-
-The most reliable way to verify is to compute the hash of the HTML file with a
-trusted hash utility on the local system, and compare against the values
-published below.
-
-#### Code Audit
-
-Someone familiar with JavaScript can spend a few minutes reading the concise
-source to be assured that the program does what it claims to.
-
-#### No Hash Utility, Can't Audit Code?
-
-Hmm, no trusted hash utility, can't audit the code... you just can't give up
-and use your copy of TrustyHash without trusting it! While you could try some
-half-measure like getting some kind of consensus on the hash value of
-TrustyHash from untrusted hash utilities on the web, maybe other copies of
-TrustyHash found elsewhere... ultimately if you really need to trust
-TrustyHash, you've got to be a bit more rigorous.
-
-Without knowing a thing about JavaScript until this moment, you can create a
-very small, simple program in about 5 minutes, that while not as nice as
-TrustyHash perhaps, will get the job of hashing a local file done. As long as
-you can follow along as the following code is explained, and you can be pretty
-confident the code is not doing anything fishy, you can use this to verify
-TrustyHash itself. I'll show you the whole program up-front before I explain
-it - see, 5 minutes, no more!
-
-```
-<!doctype html>
-<html>
-<body>
-<script>
-var fileinput = document.createElement('input')
-fileinput.type = 'file'
-fileinput.onchange = function(){
-var reader = new FileReader()
-reader.readAsArrayBuffer(this.files[0]);
-reader.onload = function(){
-crypto.subtle.digest("SHA-256", this.result)
-.then(function(buffer) {
-var hexCodes = []
-var view = new DataView(buffer)
-for (var i = 0; i < view.byteLength; i += 1) {
-var stringValue = view.getUint8(i).toString(16)
-var paddedValue = ('0' + stringValue).slice(-2)
-hexCodes.push(paddedValue)}
-alert(hexCodes.join(""))})}}
-document.body.appendChild(fileinput)
-</script>
-</body>
-</html>
-```
-
-JavaScript programmers may take offense with the lack of conventional
-formatting above, but I'm trying to making this easy to re-type for someone who
-shouldn't need to be concerned with formatting conventions.
-
-Now a more-or-less line-by-line explanation:
-
-```
-<!doctype html>
-<html>
-<body>
-<input type="file">
-<script>
-```
-
-These lines declare an HTML document with a file input and a script. HTML
-technically requires a `<head>` element, but I'm trying to save you a bit of
-typing. Now let's get into the JavaScript itself:
-
-```
-document.querySelector('input').onchange = function(){
-```
-
-This says, when a file is selected via the file input...
-
-```
-var reader = new FileReader()
-```
-
-...create a reader to read the file.
-
-```
-reader.readAsArrayBuffer(this.files[0])
-```
-
-Read the file into memory.
-
-```
-reader.onload = function(){
-```
-
-When the reader finishes...
-
-```
-crypto.subtle.digest("SHA-256", this.result)
-```
-
-Hash the buffer with SHA-256.
-
-```
-.then(function(buffer) {
-```
-
-When hashing finishes, we have an unprintable object, called a buffer...
-
-```
-var hexCodes = []
-```
-
-...that we want to turn in to printable hex codes, which is just a way to
-represent a number using only the characters 0 to 9 and 'a' to 'f'. Hex codes
-are the standard representation of SHA-256 hash values.
-
-
-```
-var view = new DataView(buffer)
-```
-
-We create a view so we can read the buffer in chunks.
-
-```
-for (var i = 0; i < view.byteLength; i += 1) {
-```
-
-With each byte-size chunk...
-
-```
-var stringValue = view.getUint8(i).toString(16)
-```
-
-...convert each chunk to a number and get a string, which is just something we
-can print. The string will be one or two hex digits.
-
-```
-var paddedValue = ('0' + stringValue).slice(-2)
-```
-
-To correctly print the string as a hex code, we need to add a zero to the front
-in case the number is less than two hex digits, keeping the last two digits.
-
-```
-hexCodes.push(paddedValue)}
-```
-
-Keep the string we just created before moving on to the next chunk.
-
-```
-alert(hexCodes.join(""))})}}
-```
-
-Join all the strings created from each chunk together and pop it up on the
-screen. That's it!
-
-```
-</script>
-</body>
-</html>
-```
-
-Oh, and we need these lines to formally close the HTML document.
-
-If you followed all that, put this code into a file called
-`TrustyHashLite.html` and open it up in your browser. I recommend re-typing,
-rather than copy-pasting, since there are a bunch of sneaky ways someone could
-trick you into copy-pasting something besides what you see on a web page. If
-creating HTML files by hand is a bit confusing, you can save [the file I
-created for
-you](https://raw.githubusercontent.com/sprin/TrustyHash/master/TrustyHashLite.html)
-as long as you promise you will make sure the code matches the above after you
-have saved it. One way to do this is to open the file in a browser, right-click
-and select "View Page Source".
-
-Open the `TrustyHashLite.html` file in your browser, click the file input
-button, select the `TrustyHash.html` you saved earlier. If the printed hex code
-matches the published hash values, congratulations, you just wrote a program
-that computes SHA-256 hashes *and* used it to validate TrustyHash!
-
-### Hash Values
-
-TODO: Publish hash value for 1.0.0
-
-### Integrity of the Browser
-
-In order to trust the results of TrustyHash, we need to trust the browser that
-it runs in. Is the implementation of WebCryptoAPI to be trusted? Are extensions
-able to modify the result the user sees?
-
-If one is able to see the source of the browser and deterministic, reproducible
-builds are possible, then we can start to form a strong basis of trust. Closed
-source browsers must be excluded - the vendor is not able to assert a strong
-claim of *what* they are distributing. At best, they may be able to publish
-complete specifications for all functionality, but users still must trust the
-vendor ultimately to actually implement the specifications as claimed. The
-point is moot since no closed-source browser vendor publishes complete
-specifications anyway.
-
-Currently, open-source browsers are little better off. Deterministic builds are
-still a work-in-progress for all popular open-source browsers
-([Tor Browser](https://blog.torproject.org/category/tags/deterministic-builds),
-[Firefox](https://bugzilla.mozilla.org/show_bug.cgi?id=885777),
-[Chromium](https://bugs.chromium.org/p/chromium/issues/detail?id=314403).
-Without deterministic builds, we must still trust the vendor ultimately to
-build and distribute what they say they are building. If we trust the vendor
-when they say, "deterministic builds are hard, we are working on it", and we
-can trust them to secure their build environment, then we can take the signed
-hash values they publish to represent the objects built from the published
-sources.
-
-So then there are three realistic ways we might have a trusted browser on our
-systems:
-
- - A verified open-source browser was bundled with our trusted operating system
-   distro.
- - We installed an open-source browser from a trusted package manager that
-   handled checking verification for us.
- - We downloaded the open-source browser directly from the vendor and checked
-   the signatures/hashes ourselves.
-
-The third possible way, which is only feasible for a tiny fraction of extremely
-diligent users, is to build the browser from source, rebuilding whenever
-security updates are pushed to users.
-
-Since the majority of browser users do not use an operating system that bundles
-a verified open-source browser nor supplies a package manager which can
-download and verify an open-source browser for them, this leaves manually
-verifying. Because no operating system makes it easy or obvious to verify
-signed downloads and awareness of the importance of verification is very low,
-we have to conclude that the majority of browser users have very little basis
-for trusting their browser. Similar arguments can be made for the operating
-system as a whole.
-
-So where does that leave us? Is running any program inside a browser with any
-degre of trust hopeless for the vast majority of users? I would say that we may
-be forced to accept some uncertainty that a program such as TrustyHash will
-produce the correct results in an untrusted browser. If we accept this
-uncertainty, we can use TrustyHash to bootstrap trust for a new browser or even
-operating system. This, I think, is the real value of TrustyHash - to bootstrap
-trust on a system by providing the best possible effort at producing trusted
-hash values in an accessible way.
-
-## Deployment
-
-The entire application is packaged in a single, brief HTML file. Simply deploy
-the file under the web server root directory.
-
-## Why only SHA-256?
-
-SHA-256 remains the de facto standard for verifying files via hash in 2016.
-Here are some popular projects have standardized on SHA-256 for verifying
-release materials:
-
- - [Tor Browser](https://www.torproject.org/docs/verifying-signatures.html#BuildVerification)
- - [OpenBSD](http://man.openbsd.org/signify)
- - [FreeBSD](https://www.freebsd.org/releases/10.2R/signatures.html)
- - [Centos](http://mirror.centos.org/centos/7/isos/x86_64/sha256sum.txt)
- - [Fedora](https://getfedora.org/verify)
-
-In the interests of standardization and keeping things simple, only SHA-256
-will be shown. A possible addition to this project is to allow the user to
-select other hash algorithms, with SHA-256 remaining the default.
-
-## Limitations
-
-When the application is retrieved on an HTTPS connection, the application
-cannot fetch HTTP URLs due to restrictions against [mixed active
-content](https://developer.mozilla.org/en-US/docs/Security/Mixed_content#Mixed_active_content]).
-A workaround for this is to save the page locally and open the local copy in
-the browser, as recommended anyway.
-
 ## Documentations et ressources
 
 * Site officiel de l'app : <https://github.com/sprin/TrustyHash>

From 731612e9b353a3c30d6fa931771dc20ba051b890 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C3=89ric=20Gaspar?=
 <46165813+ericgaspar@users.noreply.github.com>
Date: Fri, 20 Jan 2023 19:54:43 +0100
Subject: [PATCH 5/5] Update manifest.json

---
 manifest.json | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/manifest.json b/manifest.json
index 973062c..7cb9289 100644
--- a/manifest.json
+++ b/manifest.json
@@ -6,11 +6,10 @@
         "en": "SHA-256 Hash Calculator",
         "fr": "Calculateur de hachage SHA-256"
     },
-    "version": "1.0~ynh1",
+    "version": "1.0~ynh2",
     "url": "https://github.com/sprin/TrustyHash",
     "upstream": {
         "license": "MIT",
-        "website": "https://github.com/sprin/TrustyHash",
         "demo": "https://sprin.github.io/TrustyHash/",        
         "userdoc": "https://github.com/sprin/TrustyHash",
         "code": "https://github.com/sprin/TrustyHash"