Skip to content
This repository has been archived by the owner on Jun 4, 2022. It is now read-only.

How should autoupgrade work?

Jump to bottom
Adrian Cochrane edited this page Mar 24, 2018 · 7 revisions

Autoupgrade is a vital for keeping what Odysseus will have for extensions compatible with the network services they relay on. Sure this could be seen as a universal backdoor, but by keeping it declarative and non-programmable concerned surfers can still see any potential backdoors in it's code.

To implement this at it's most basic we can wrap a session with a cache with infinite storage. For more efficiency for larger files, GGit can be useful. This'll probably require a higher level wrapper that can fetch particular files from a Git repository.

To download a git file using GGit:

  1. Clone or CD into the repo
  2. Fetch the remote master (or other branch).
  3. Get it's "oid".
  4. Get the commit corresponding to that Oid.
  5. Get the commit's tree.
  6. Load the filepath within that tree.
  7. Lookup the blob
  8. Finally read the file's contents!

While that'll take some effort, it may be worth it to some services (like Better) to be able to send us just the changes since last time.

For more complex cases where we decode the data and hand it WebKit, we can drop down to the libsoup message level in order to capture the caching headers and queue up a redownload/reparse.

Privacy Measures

In the short-term I'll just download recommendation databases once and never update them, whilst hosting them on GitHub. Considering that these'll just be used in the short-term to fill out the topsites this'll be a good compromise for the sake of privacy. If they want more up-to-date info they can visit the website.

However in the longer-term I'll want to move hosting to IPFS for strong & no-compromise (for the simple case of autoupdating clientside data) privacy protections, whilst enabling unique yet useful browser features like "share a link to this (potentially internal) page exactly as I saw it". An issue for this will be opened once I've implemented autofetch of recommendations. [The privacy of IPFS is that it only tells practically random computers what you may have been interested, but even then you may have fetched those pages on behalf of someone else so it's not much of an indication.]

It may also be interesting to harvest userscripts, userstyles, content blockers, etc from other sites and host it on IPFS to improve privacy and discoverability. Though as always I'd want to implement this in a way that adds as little to Odysseus's UI as possible.

Clone this wiki locally