aparnajyothi-y
commented
2 weeks ago Hello @firewave, Thank you for creating this issue and we will get back to you once we have some feedback on this :)
Open firewave opened 2 weeks ago
aparnajyothi-y
commented
2 weeks ago Hello @firewave, Thank you for creating this issue and we will get back to you once we have some feedback on this :)
Description: After the download of the version archive it should verify the checksum of the file against the provided
hashes.sha256for the release in question.Justification: This ensures that the downloaded file is the actually intended one.
Are you willing to submit a PR?