Hello - it would be beneficial for us to verify the JAR after downloading it in our pipelines. Could you release a checksum or (even better) sign the JAR and let us verify it with a public key? That way we could verify it after downloading in a pipeline but before executing it. Thanks
Hello - it would be beneficial for us to verify the JAR after downloading it in our pipelines. Could you release a checksum or (even better) sign the JAR and let us verify it with a public key? That way we could verify it after downloading in a pipeline but before executing it. Thanks