soupslurpr
commented
2 hours ago it's not. apps can have multiple versions that are signed with different keys but with the same variant so this wouldn't really work well anyways
Closed DiagonalArg closed 2 hours ago
soupslurpr
commented
2 hours ago it's not. apps can have multiple versions that are signed with different keys but with the same variant so this wouldn't really work well anyways
DiagonalArg
commented
2 hours ago Perhaps a list of those variants that were checked, in smaller type? eg:
Found: xx:xx:xx...
Expected one of: yy:yy:yy zz:zz:zz
soupslurpr
commented
1 hour ago Okay, but what is this useful for?
It's confusing to have the hash found, rather than the hash expected, presented on output when a check fails. Going to check the key of the package reveals the hash to match, which leads to head scratching. Perhaps you might output: Hash Expected and Hash Found? Or even just "Expected: xx:xx:xx:xx"