Open gep13 opened 8 years ago
Any package that downloads remote resources - we may be able to be verify out of band downloading as well and add notes to check for checksum validation.
I'm thinking it should also check if the checksum is mentioned in the VERIFICATION.txt
file.
Thoughts?
@AdmiringWorm not really - vendors can simply say this is their tool and not provide a checksum
In all packages.