Closed jpalomaki closed 3 years ago
jpalomaki
commented
3 years ago @brikis98 :wave: Would it possible to retroactively add SHA256SUMS release assets for older terragrunt releases (I for one would feel better installing w/integrity check, rather than just emitting a warning about skipped checksum check)? On a related note: are there plans to PGP sign terragrunt releases (like terraform does it)?
brikis98
commented
3 years ago Possible? Yes. But from a time perspective, I don't think it's something we'll be able to get to any time soon. We do plan to sign all our releases too, but again, time constraints are going to be the issue, and I'm not sure when we'll get to it.
jpalomaki
commented
3 years ago Possible? Yes. But from a time perspective, I don't think it's something we'll be able to get to any time soon. We do plan to sign all our releases too, but again, time constraints are going to be the issue, and I'm not sure when we'll get to it.
Understood. Logging a warning for older releases is then probably the best course of action here. Thanks for the quick reply. :+1:
Install emits: