this post was submitted on 13 Aug 2023
72 points (96.2% liked)
Open Source
31359 readers
228 users here now
All about open source! Feel free to ask questions, and share news, and interesting stuff!
Useful Links
- Open Source Initiative
- Free Software Foundation
- Electronic Frontier Foundation
- Software Freedom Conservancy
- It's FOSS
- Android FOSS Apps Megathread
Rules
- Posts must be relevant to the open source ideology
- No NSFW content
- No hate speech, bigotry, etc
Related Communities
Community icon from opensource.org, but we are not affiliated with them.
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Besides the obvious of telling your users to build the exe, have you considered alternative distribution methods like docker?
How does a docker distribution solve this problem? Is it because the build instructions are automated by the Dockerfile?
When you make a docker image and push it to dockerhub all of the instructions it took appear there so it's very transparent, also super easy for any person to build it themselves unlike executables, just download the Dockerfile and run a single command
Ah. Cool. I was under the impression that docker images suffered from a similar issue - that one can't verify that the image is built from the source. I'm happy to be mistaken about that.
You could definitely do clever things to obfuscate what you're doing, but it's much easier to replicate building the image as there are no external dependencies, if you have docker installed then you can build any docker image