This repository is a data/file collection (JSON sources + Python scripts). “Version” here refers to JSON-tracked IPA references rather than software releases. Instead of a traditional “supported versions” list, follow GitHub Releases for the freshness of IPA references.
| Component | Status |
|---|---|
stremio-ios.json |
✅ Actively maintained |
stremio-tvos.json |
✅ Actively maintained |
stremio-updater.py |
✅ Actively maintained |
| Legacy IPA references | ⚠️ Available as long as Stremio keeps them on the CDN |
This repository does not execute code directly; it only collects data and produces JSON. However, if you discover a security issue or suspect something is wrong:
Please DO NOT open a public Issue. Instead:
Use GitHub Security Advisories: https://github.com/omix4/stremio-altstore/security/advisories/new
Or contact the maintainer directly via the email on their GitHub profile.
In your report, please include:
stremio-updater.py, stremio-ios.json)Response time: initial response within 7 days, assessment within 30 days.
IPAs in this source are distributed with Stremio’s official Apple Developer signature. When re-signed via any signing app (Feather, AltStore, ESign, etc.):
If you don’t re-sign, the app stops launching. This is Apple’s rule, not a repo issue.
dl.strem.io belongs to Stremio. This repo only uses publicly accessible URLs. If Stremio takes down the CDN or changes its structure, the repo breaks — open an Issue in that case.
This repository has zero third-party Python dependencies. It uses only the Python 3.8+ standard library. You will not find requirements.txt or Pipfile — that’s intentional.
The JSON files include SHA-256 hashes on nested version records. The automated updater
backfills hashes from the live dl.strem.io IPA files, and source validation rejects malformed
digests before publishing.
Thank you to any researchers who report security issues responsibly.