Closed sid-the-sloth closed 7 months ago
Hey!
I already do it for the flatpak and homebrew releases so it's not an issue to add it to the rest. I'll do it in a moment.
Done!
Done!
@JetpackDuba
I saw the SHA256SUM file published yesterday for release 1.3.1.
I think there is a problem with current file:
ef29def5d0ffed54fe1f8b48049be939ff24b04082a683406bc4d29859a360cc linux x86_64
e934507c885a2818cd3e7ded1155a8505f762409b094752d41913c80a119fd92 linux arm aarch_64
fef126513c3b1a1f1ce29673f596547b16e31103cbc31007297f77b92e91b0eb windows installable
9332eb4183e61022981b2779d7e2ce82187a9a933a72683bb69729305ee1e28b windows portable
cb62e5921c058844d8b0a2900ae3316f86d8baacbb00d1b7c89d5e4dc40185d1 macos zip
The right-hand part of every line should contain the actual filename of the binary (e.g.:
Gitnuro-linux-x86_64-1.3.1.jar
) not those explanation words like linux x86_64
-- please note there are 2 (two) spaces between the two words:
ef29def5d0ffed54fe1f8b48049be939ff24b04082a683406bc4d29859a360cc Gitnuro-linux-x86_64-1.3.1.jar
e934507c885a2818cd3e7ded1155a8505f762409b094752d41913c80a119fd92 Gitnuro-linux-arm_aarch64-1.3.1.jar
fef126513c3b1a1f1ce29673f596547b16e31103cbc31007297f77b92e91b0eb Gitnuro_Windows_Installer_1.3.1.exe
9332eb4183e61022981b2779d7e2ce82187a9a933a72683bb69729305ee1e28b Gitnuro_Windows_Portable_1.3.1.zip
cb62e5921c058844d8b0a2900ae3316f86d8baacbb00d1b7c89d5e4dc40185d1 Gitnuro-macos-1.3.1.zip
For comparison, here is the SHA512SUM
file for Debian .iso
images:
33c08e56c83d13007e4a5511b9bf2c4926c4aa12fd5dd56d493c0653aecbab380988c5bf1671dbaea75c582827797d98c4a611f7fb2b131fbde2c677d5258ec9 debian-12.5.0-amd64-netinst.iso
7cd6ec7d359515117558e91650fce1b98af0082cb2149b3d94fb480f657f51b06934d7b450fe563eeef023ccf59472b8faa870ee50c369f4c4ceecea8da0c60f debian-edu-12.5.0-amd64-netinst.iso
968067c0874b8cc865f7c0ff802b86ba09013a20f0318e39b38e0e37af5c557ccd5145ae7a2f8be01492a5298386aba437b545471450f9ae80fdaf6dac5e454d debian-mac-12.5.0-amd64-netinst.iso
Fixed!
Every software release is safer when checksum verification file(s) are generated during build.
Please add checksum verification files to the release (SHA256, SHA512, etc.)
I would like to be able to verify the integrity of downloaded files/binaries.
Example projects on github which are doing that:
https://github.com/yt-dlp/yt-dlp
https://github.com/keepassxreboot/keepassxc
https://github.com/VSCodium/vscodium
Thank you! This is greatly appreciated.