Sileo flags a repository you add as Dangerous
Sileo flags a repository you add as Dangerous What To do 2024-Gone are the days in which most jailbreak tweaks are hosted on one or two large and centralized repositories. Instead, jailbreakers are likely to need to add several third-party repositories to their package manager app to find jailbreak tweaks, many of which are hosted by the tweak developers themselves.
While most repositories will add in to your favorite package manager app without a hitch, your unrelenting quest to find more add-ons has undoubtedly led you to websites touting seemingly endless lists of repositories to add, and you may have tried some or all of them to expand your reaches.
Unfortunately, while many of those repositories likely loaded into your package manager without any problems, chances are you’ve stumbled upon a pop-up like the one shown above, claiming that a particular repository was “dangerous.”
What exactly does this mean? What should you do about it? Should you be concerned? These are all questions we’ll try to answer for our fellow jailbreakers in today’s piece.
Why am I getting this pop-up? Sileo flags a repository you add as Dangerous
If you’ve ever received the Dangerous Repo pop-up before, then it’s because you were attempting to add a repository that has been reported as harmful to the community for one reason or another.
In most cases, it’s because the repository has been flagged for being associated with piracy, which means that the maintainer distributes other developers’ work (free or paid) without their permission. This is not only illegal due to intellectual property laws, but it goes against ethical conduct.
In less common cases, a repository may have been flagged because it distributes malware or other software with unintended consequences that may harm a user’s device.
What to do about it? Sileo flags a repository you add as Dangerous
In most cases, the best thing to do when receiving this pop-up is to tap the “Take me back to safety” button, as this will prevent the repository from being added to your device.
If you are adding a repository that you know nothing about, or that you have reason to believe might be a piracy repository, then you should not add it for the sake of your device’s safety. Cracked software distributed by piracy repositories may be unstable or outdated. What’s worse is it may distribute malware.
In some cases, however, the warning may be false flag. If you trust the repository that you’re adding, then you can tap on the “I accept the risks, continue” button and the package manager will move forward with adding and loading the repository as normal despite the warning.
What package managers display these messages? Sileo flags a repository you add as Dangerous
The pop-up that you see above is shown via the Sileo package manager, but many package manager apps have some variant of the above message. For example, if you’ve been jailbreaking as long as I have, then you may remember when Cydia reigned supreme.
When it did, Cydia would show a message that looked something like the only below, entitled “Source Warning” with similar warnings about being reported for redistributing copyrighted works illegally. Just like Sileo, Cydia would let you back out with a “Cancel” button or press on with an “Add Anyway” button:
We tested this in the Zebra package manager and didn’t produce any pop-up messages when adding repositories that would ordinarily trigger pop-ups in Cydia or Sileo, which seems to suggest that Zebra doesn’t discriminate against any repository – good or bad.
We unfortunately couldn’t test out the Installer 5.1 package manager app, as it was never updated for today’s modern rootless jailbreaks.
Should you worry if you see this pop-up? Sileo flags a repository you add as Dangerous
If you get a pop-up about a dangerous repository, you needn’t panic.
Seeing the pop-up means that your package manager app has paused adding the repository to give you the choice about what to do next. If you back out of adding the repository, then it won’t be added to your device and you’re totally safe.
If you added a questionable repository to your device, and you want to remove it, then it’s a good idea to go ahead and do so. After all, if you don’t know what you’re putting on your device and you just start installing things from it, you open yourself up to security vulnerabilities.
How can I report a repository? Sileo flags a repository you add as Dangerous
If you believe you’ve found a repository that is dabbling in piracy or distributing harmful software, then you can report it to the Sileo Team per the instructions on the Sileo GitHub page.
Upon reporting a repository, the Sileo Team will do their best to investigate the repository and decide whether it add it the flagged repository list. Repositories that become flagged will display the Dangerous Repo pop-up when users try adding it.
My repository was wrongly flagged as dangerous
If you have your own repository, either because you’re a developer or because you’re hosting for a developer, then there’s always a chance that your repository could become flagged some time down the line due to user reports.
If this happens, and your repository shouldn’t be flagged, then you can reach out to the Sileo Team per the instructions on the Sileo GitHub page to articulate your case. It will be investigated and then a determination made.
Please note that if you are partaking in piracy, your plea to un-flag your repository may go unanswered or unresolved. The appeal process is only intended for wrongfully-flagged repositories and not those that are flagged correctly so, so it shouldn’t be abused.
Wrapping up Sileo flags a repository you add as Dangerous
Seeing the Dangerous Repo pop-up in Sileo when adding repositories to your device is generally nothing to be concerned about. If you see the pop-up, you should respond accordingly by backing out, or if you trust the repository you’re adding, you can charge forward with it anyway.