Winetricks / winetricks

Winetricks is an easy way to work around problems in Wine
GNU Lesser General Public License v2.1

Question Regarding Download URL in src/winetricks Script #2224

Closed milamer closed 4 months ago

milamer commented 4 months ago

Hi,

I've been viewing another project wine-dependency-hell-solver and found a weird download link:

https://www.ddsystem.com.br/update/setup/vb6+sp6/VS6SP6.EXE

I asked the developer here and he linked me to your project which uses the same url to download the file. See https://github.com/Winetricks/winetricks/blob/383292899865c41d7f9e5e77c3f09b73e72a0fde/src/winetricks#L13271

This URL seems a bit suspicious to me. Could you please provide more context or rationale behind choosing this source? Specifically, I am concerned about the security and legitimacy of this file.

Are there any checks or verifications done to ensure the integrity and safety of this download?

Thank you!

Chris

Chiitoo commented 4 months ago

The site does look a bit odd, considering it was supposedly changed to "use archive.org for download" in 74ad00cbf5f [1], but the sha256sum does seem to be correct still though, so it /should/ probably be safe¿

  1. https://github.com/Winetricks/winetricks/commit/74ad00cbf5f0a54f292fc81059ff08ffe5c201ca

austin987 commented 4 months ago

Given that it was 3 years ago, my memory is fuzzy, but I think I had archive.org in mind because I made several commits around that time that DID use archive.org: d3ca43c8198bd641b8f77f4410625c4983f9544f 2b04c2bb777edf4a261761671163034feaa98ecf 0669aa660c92609fad63ae8bc9142c970a140bd4 c9e31ea38e31111ddfb23705f92a45776f71ba65 c4c4f744bf86063cd5a4e2eb37f76ae9e4670d56

That said, I did mess up a second commit message, in 8a29d2ac9c13c6b7e2b478599db69e714e26720a.

I agree the site seems questionable, but the sha256sum matches, and AFAIK sha256 isn't compromised. While archive.org seems 'safer', it's also flaky at times, so I preferred the more stable website.

Until/unless I find a stable place to host redistributable binaries (#1696), this seems like the most stable solution.
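The security argument in this thread is that the mirror is untrusted but the bytes are pinned: whatever host serves the file, it is only used if its SHA-256 equals a value recorded in the script. The added example below (my own illustration, not winetricks code and not posted by anyone in this thread) shows that pattern as a small POSIX shell helper that checks a file against a pinned digest and deletes it on mismatch, plus a fetch wrapper around it. The file contents, the pinned hash, the output path and the mirror URL are all constructed for the demo. One caveat the check itself cannot cover: the pinned digest only proves the download matches what was pinned, so the value has to come from a source you trust (for example the original vendor download), not from the mirror you are verifying.

```shell
#!/bin/sh
# Added example, not winetricks code: verify a download against a pinned
# SHA-256 and refuse to keep it otherwise. All inputs below are constructed.

set -u

# Print the SHA-256 of a file. Uses GNU coreutils sha256sum when present,
# otherwise the BSD/macOS shasum; both print "<hex>  <path>".
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1
    fi
}

# verify_download FILE EXPECTED_SHA256
# Returns 0 when the digest matches. On mismatch it prints both digests,
# removes FILE (so nothing downstream can pick up an unverified binary from
# the cache) and returns 1.
verify_download() {
    file=$1
    expected=$2
    actual=$(sha256_of "$file")
    if [ "$actual" = "$expected" ]; then
        return 0
    fi
    echo "sha256 mismatch for $file" >&2
    echo "  expected: $expected" >&2
    echo "  actual:   $actual" >&2
    rm -f "$file"
    return 1
}

# fetch_verified URL DEST EXPECTED_SHA256
# Download from an arbitrary (untrusted) mirror, then gate use of the file
# on the pinned digest. Network access is needed, so the demo below does not
# call this; it is here to show where the check sits relative to the fetch.
fetch_verified() {
    url=$1
    dest=$2
    expected=$3
    curl -fsSL -o "$dest" "$url" || return 1
    verify_download "$dest" "$expected"
}

# Demo on a constructed "download": the pinned value is the SHA-256 of the
# five bytes "hello"; the second run simulates a tampered mirror copy.
demo() {
    pinned=2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824
    tmp=$(mktemp)
    printf 'hello' >"$tmp"
    if verify_download "$tmp" "$pinned"; then
        echo "good copy accepted: $tmp"
    fi
    printf 'hellO' >"$tmp"
    if verify_download "$tmp" "$pinned"; then
        echo "unexpected: tampered copy accepted"
    else
        echo "tampered copy rejected and removed"
    fi
    rm -f "$tmp"
}

demo
```

A mismatch deletes the file rather than leaving it in place, because the most common way a pinned-hash check gets bypassed in practice is a stale or tampered file sitting in a cache directory that a later, less careful code path reuses.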

FanderWasTaken commented 4 months ago

https://web.archive.org/web/20160222035203/http://download.microsoft.com/download/1/9/f/19fe4660-5792-4683-99e0-8d48c22eed74/Vs6sp6.exe

Is this better?

austin987 commented 4 months ago

Depends on your view of 'better'. As I said, archive.org is more reputable, but can be unstable. The binary is the same, (sha256 matches).