kr
securely autoupdate plugins
I had hoped to use all this same infrastructure as in #19 to make hk autoupdate its plugins as well as itself. That leaves the user open to code from many other possible sources. I hadn't even considered the security implications of that until the conversation in #19 started.
I'm fine with revisiting this later and not having plugins update for now.
Meanwhile we can mull it over.
Hmmm. How formalized do you want the relationship to be between plugin authors and us? At the one extreme, we have the current toolbelt approach (any old git repo will do). At the other, they might have to be registered and listed on hkdist for us (even via some automated flow) to support redistribution. If it's the latter, this becomes way easier.
I'd prefer to keep it as low-friction and open as possible, but registered and listed on hkdist sounds not too onerous. The registration could amount to "email {kr,security}@heroku.com your pgp key and the name you want to use for your plugin". Plugins have always been an install-at-your own risk sort of proposition. Maybe it's sufficient if we can guarantee that updates to any plugin always come via the same pgp key.