zip-release icon indicating copy to clipboard operation
zip-release copied to clipboard

Published 20 hours ago verified publisher icon TheDoctor0

Feature Request: Configurable Hash Computation of Generated ZIP File

Open tusharmath opened this issue 1 year ago • 1 comments

Hello,

I'm a user of the zip-release project and find it incredibly useful. However, I've identified a feature that could significantly enhance the utility and flexibility of the tool – the option to compute a configurable hash of the generated ZIP file.

This feature would be particularly beneficial when publishing software through package managers like Homebrew, which require an SHA-256 hash of the software artifact for integrity verification. It would also be useful for users who prefer or need to use other hash functions like MD5 for their particular use cases.

The proposed feature would add a new configuration option hash that could be set to the desired hash function (e.g., sha256, md5). After the ZIP file is created, the specified hash is computed and made available as an output of the job.

For example:

# ... 
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
    - name: Checkout code
      uses: actions/checkout@v2

    - name: Create ZIP Release
      id: zip-release
      uses: TheDoctor0/zip-release@master
      with:
        filename: "my_project.zip"
        hash: "sha256"
        
    - name: Update Homebrew Formula
      uses: some-homebrew-action@v1
      with:
        formula: "my_project"
        url: ${{ steps.zip-release.outputs.download_url }}
        sha256: ${{ steps.zip-release.outputs.hash }}

In this example, steps.zip-release.outputs.hash would hold the computed hash of the created ZIP file, and the hash input allows the user to specify the hash function to be used.

This feature would offer greater flexibility for users, allowing them to choose the hash function that best fits their needs. Additionally, it would allow for more seamless integration with package managers and provide stronger assurance of file integrity.

Looking forward to your thoughts on this proposal!

Best, Tushar.

tusharmath avatar Jun 21 '23 09:06 tusharmath

Hey @tusharmath! It is a very interesting idea and I do agree that it may be very useful for some people. I will try to implement it in the coming days. Of course, if you want I encourage you to prepare a pull-request yourself :smile:

TheDoctor0 avatar Jun 21 '23 10:06 TheDoctor0