There is a bit too much clutter in releases by including this many checksums. As md5 is not cryptographically secure and sha1 is showing weakness, just use sha256 only. This is what PyPI uses for packages and has become increasingly common in conda-forge. Only makes sense to follow suit here.
There is a bit too much clutter in releases by including this many checksums. As
md5is not cryptographically secure andsha1is showing weakness, just usesha256only. This is what PyPI uses for packages and has become increasingly common in conda-forge. Only makes sense to follow suit here.