self_update icon indicating copy to clipboard operation
self_update copied to clipboard
verified publisher icon jaemk

Feature Request: optional checksum verification

Open jqnatividad opened this issue 3 years ago • 1 comments

For additional security/peace of mind, it'd be great if self-update can check a release's checksum when its available, and only continue with the update if the checksum is verified.

jqnatividad avatar Apr 14 '22 22:04 jqnatividad

Yes, definitely would be a good addition!

jaemk avatar Apr 19 '22 03:04 jaemk

Can there be some insight, why zipsign has been used instead of for example minisign/rsign2 which cargo-binstall uses: https://github.com/cargo-bins/cargo-binstall/blob/main/SIGNING.md

Using zipsign means, that we would need to attach various different signatures to releases it seems, which is a bit unfortunate I would say instead of having a kind of standardized signing process.

simonsan avatar Nov 14 '23 01:11 simonsan