From 7f736db2cc1cf3d00970d5de21cadb3cf1532a5b Mon Sep 17 00:00:00 2001 From: sneak Date: Sun, 9 Jun 2024 09:07:26 -0700 Subject: [PATCH] update readme --- README.md | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index d07f5bc..569ef4c 100644 --- a/README.md +++ b/README.md @@ -25,14 +25,20 @@ which is not what you want. Run: ``` -GOPROXY=direct sudo go run sneak.berlin/go/mullvadclosest/cmd/mullvadclosest@latest +GOPROXY=direct go run sneak.berlin/go/mullvadclosest/cmd/mullvadclosest@4dd5e871f830ff62bb30c2290623ad9d8c4d4554 ``` -(The GOPROXY=direct means to download the code directly from my servers, not +The GOPROXY=direct means to download the code directly from my servers, not the Google-operated golang module proxy. Given that you're running this program as root from a random place on the internet, downloading it directly from me avoids the case where Google can serve you arbitrary code that runs -on your machine.) +on your machine. + +The full git commit hash is provided to ensure that you're running the +specific version of the code that I've tested and that you're expecting to +run. Don't do "git run @latest" because it's just granting random +people code exec on your machine. (Same goes for docker images that use +_any_ tag that uses `:` instead of a specific hash identified by `@`.) # Example output @@ -147,4 +153,4 @@ you run random shit from some weirdo from the internet as root. # Source -https://git.eeqj.de/sneak/mullvadclosest +https://sneak.berlin/go/mullvadclosest