I recently submitted proton-mail-bin on the MPR and noticed that there is currently no list of checksums for each desktop client.
When a project publishes a list of checksums (usually at least SHA256), it makes it a little easier for packagers on user-submitted repos to maintain. Example of other projects that do this are the latest releases of Tutao's desktop client and Ente Auth's desktop client.
I recently submitted
proton-mail-binon the MPR and noticed that there is currently no list of checksums for each desktop client.When a project publishes a list of checksums (usually at least SHA256), it makes it a little easier for packagers on user-submitted repos to maintain. Example of other projects that do this are the latest releases of Tutao's desktop client and Ente Auth's desktop client.
Could artifact attestation help with this?