Retro Replay Retro Replay gaming reviews, news, emulation, geek stuff and more!
Azahar 2125.1.2, an open-source 3DS emulator based on Citra, has been released with enhanced security features. Key updates include immutable releases, preventing changes to published assets, and attested binaries that verify origin and integrity. Users can verify binaries using GitHub CLI commands. A Software Bill of Materials in JSON format details dependencies to help track vulnerabilities, though not all dependencies are detected yet. Additionally, a verify-release script assists users in auditing releases. Other improvements include faster builds for specific configurations and reduced file sizes for core binaries. Downloads are available for x64 and Android.
(HEY YOU!! We hope you enjoy! We try not to run ads. So basically, this is a very expensive hobby running this site. Please consider joining us for updates, forums, and more. Network w/ us to make some cash or friends while retro gaming, and you can win some free retro games for posting. Okay, carry on đ)
Azahar 2125.1.2 has been released. This is an open-source 3DS emulator project built on Citra.
Azahar changelog:
Highlights include
Enabled Attestation and Software Bill Of Materials for all release assets to enhance release security. | @PabloMK7 #2117
From this point forward, Azahar releases are immutable. This means that once a release is published, its linked assets cannot be altered in any manner. This helps prevent token stealers from modifying release assets post-publication. A padlock icon along with the word Immutable at the top left of the page indicates if a release is immutable.
Starting with this release, Azahar binaries are attested. This signifies that all official Azahar assets now come with signed claims detailing their origin (CI jobs), the exact commit and timestamp, and various other metadata.
Users can verify the authenticity of Azahar binaries using the GitHub CLI. For instance: gh attestation verify –owner azahar-emu –predicate-type “https://spdx.dev/Document/v2.3”
While basic sha256 hashes confirm integrity, attestations also incorporate the aforementioned metadata.
You can explore attestations for all our binaries on the Attestations page.
Additionally, starting from this release, Azahar binaries include a Software Bill Of Materials, represented as a JSON that theoretically lists all dependencies, aiding in vulnerability tracking. As this technology is relatively new, not all dependencies may be fully detected. More information can be found in #2117.
We now provide a verify-release bash script in our source code, assisting in confirming the validity of Azahar releases. This enables users to better audit our releases and easily acquire the software bill of materials. Example usage is as follows: ./tools/verify-release.sh azahar-emu/azahar 2125.1.2. You can find more about this tool in #2117.
Technical updates
Introduced EXCLUDE_FROM_ALL to applicable CMake targets, improving build times for certain non-standard configurations. | @OpenSauce04 #2088
All libretro core binaries have been stripped, significantly minimizing file size (particularly for the Android core) without compromising functionality. | @OpenSauce04 #2111
Note that this is relevant only for the core binaries we distribute; cores accessed through the RetroArch core downloader were already utilizing this approach.
Download: Azahar 2125.1.2 x64
Download: Azahar 2125.1.2 Android
Source: Here
