package-validator icon indicating copy to clipboard operation
package-validator copied to clipboard
verified publisher icon chocolatey

[Required] Use of checksum

Open gep13 opened this issue 9 years ago • 3 comments

In all packages.

gep13 avatar Aug 04 '16 19:08 gep13

Any package that downloads remote resources - we may be able to be verify out of band downloading as well and add notes to check for checksum validation.

ferventcoder avatar Aug 04 '16 21:08 ferventcoder

I'm thinking it should also check if the checksum is mentioned in the VERIFICATION.txt file. Thoughts?

AdmiringWorm avatar Mar 05 '17 02:03 AdmiringWorm

@AdmiringWorm not really - vendors can simply say this is their tool and not provide a checksum

ferventcoder avatar Sep 01 '17 20:09 ferventcoder