I’ve been creating an end to end encrypted chat website with an open source frontend but balancing load balancing and trust is a bit of an issue. Right now I’m hesitant to trust CDNs. Code running on websites typically changes as soon as someone pushes new version to the server. Most times this is the website owner but:
So I thought what if website releases were pushed to a git repo for an extension to verify against a hash or something. I don’t know of any code signing that works with website resources. Has anyone else done anything with this?
Feel free to flag this to oblivion if it’s a stupid question.