start-os icon indicating copy to clipboard operation
start-os copied to clipboard
verified publisher icon Start9Labs

[feat]: Publish OS and Service Releases with SHA256 Hashes

Open kn0wmad opened this issue 3 years ago • 3 comments

Prerequisites

  • [X] I have searched for existing issues that already suggest this feature, without success.

Describe the Feature Request

A hash ought to be published with each published asset

Describe the Use Case

This allows both the devs to verify they are looking at the same asset, as well as allowing a user to verify they have the asset that was published

Describe Preferred Solution

SHA256 is fine

Describe Alternatives

No response

Anything else?

No response

kn0wmad avatar Jul 08 '22 15:07 kn0wmad

ACK

dr-bonez avatar Jul 12 '22 18:07 dr-bonez

What's LOE here?

MattDHill avatar Jul 12 '22 18:07 MattDHill

It just needs to be part of our release process. Run a sha256sum and a b3sum of eos.img, and update.img when cutting a tag.

same for s9pks

dr-bonez avatar Jul 12 '22 19:07 dr-bonez

At the moment your guides suggest simple downloading the latest OS image and checking against a checksum. There is no PGP verification process that is suggested. You find with much of the other privacy/security orientated software. Otherwise great! Thanks.

NyamiDev avatar Nov 10 '22 11:11 NyamiDev

It just needs to be part of our release process. Run a sha256sum and a b3sum of eos.img, and update.img when cutting a tag.

same for s9pks

@islandbitcoin @k0gen @chrisguida @Blu-J @elvece

elvece avatar Dec 14 '22 22:12 elvece