merklecounty / rget

download URLs and verify the contents against a publicly recorded cryptographic log
https://merklecounty.com
Apache License 2.0

Create `rget pin` subcommand #32

Open philips opened 5 years ago

philips commented 5 years ago

There needs to be a way for a user to save the digest of the files received and ensure that if fetched again that the contents match the last digest. There are a few uses for that:

Rough UX of what I am thinking:

Append to the file if this URL is missing, otherwise verify

```
rget --pin-file rget.sum https://github.com/etcd-io/etcd/releases/download/v3.3.13/etcd-v3.3.13-darwin-amd64.zip
```

Append/create URL entry to a pin file for a given URL:

```
rget pin https://github.com/etcd-io/etcd/releases/download/v3.3.13/etcd-v3.3.13-darwin-amd64.zip
```

mkmik commented 5 years ago

I guess it would also be useful to pass the hash of the single file being downloaded directly as a parameter.

If the receiver trusts the instructions, a single copy paste would suffice:

```
rget --hash b41491157076ccfa52e7b9b0ee695afd24c5d720ea9e40933ef908e69ec19368 \
  https://github.com/etcd-io/etcd/releases/download/v3.3.13/etcd-v3.3.13-darwin-amd64.zip
```

I did something similar in https://github.com/mkmik/runck, but also conflating the issue of executing an installer (as a proof of concept for an alternative to `curl | bash`).

philips commented 5 years ago

@mkmik yes, I agree both are needed. I don't know what to do if the pin db and the flag provided disagree though. Issue a warning? Exit?

mkmik commented 5 years ago

@philips perhaps we can start making those flags mutually exclusive?
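
The pin-file behaviour proposed at the top of this thread (append the digest if the URL is missing, otherwise verify), as an added Go example that is not part of the thread and not rget's own code. The one-entry-per-line `<url> <sha256-hex>` file format and the name `checkOrPin` are assumptions, and the `--hash` flag and its conflict with the pin file are left out.

```go
package main

import (
	"bufio"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"os"
	"strings"
)

// checkOrPin implements trust-on-first-use for one download.
// Assumed pin-file format (not rget's): one "<url> <sha256-hex>" entry per line.
// It returns pinned=true when a new entry was appended, and an error when the
// content's digest differs from the entry already recorded for the URL.
func checkOrPin(pinFile, url string, content []byte) (pinned bool, err error) {
	sum := sha256.Sum256(content)
	got := hex.EncodeToString(sum[:])

	// O_APPEND only affects writes; reads still start at the top of the file.
	f, err := os.OpenFile(pinFile, os.O_RDWR|os.O_CREATE|os.O_APPEND, 0o644)
	if err != nil {
		return false, err
	}
	defer f.Close()

	sc := bufio.NewScanner(f)
	for sc.Scan() {
		fields := strings.Fields(sc.Text())
		if len(fields) != 2 || fields[0] != url {
			continue // blank, malformed, or a different URL
		}
		if fields[1] != got {
			return false, fmt.Errorf("digest mismatch for %s: pinned %s, got %s", url, fields[1], got)
		}
		return false, nil // already pinned and unchanged
	}
	if err := sc.Err(); err != nil {
		return false, err
	}
	// URL not seen before: record its digest.
	_, err = fmt.Fprintf(f, "%s %s\n", url, got)
	return err == nil, err
}

func main() {
	url := "https://example.com/release.zip" // constructed sample URL
	pinned, err := checkOrPin("rget.sum", url, []byte("constructed sample content"))
	fmt.Println(pinned, err)
}
```

The first call for a URL records its digest; a later call with different bytes for the same URL returns an error and leaves the pin file unchanged.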