You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the solution you'd like
Generate plaintext files such as SHA256SUM, etc., containing the checksum for every mergerfs release asset (see rescuezilla as an example).
Describe alternatives you've considered
N/A
The text was updated successfully, but these errors were encountered:
If someone has access to an account such that they can upload arbitrary content then they can also change the hash file. So the only value is ensuring no corruption which statisticly it is more likely a build fails or is broken somehow than the data becomes corrupted. Especially given the packages are compressed.
I can add it but I see very little functional value.
If someone has access to an account such that they can upload arbitrary content then they can also change the hash file. So the only value is ensuring no corruption which statisticly it is more likely a build fails or is broken somehow than the data becomes corrupted. Especially given the packages are compressed.
I can add it but I see very little functional value.
The installation packages can be corrupted on the user's end during or after downloading.
Alright, please consider adding the checksum files if you can automate or otherwise trivialize the the process.
Is your feature request related to a problem? Please describe.
Checksums allow users to verify the integrity of their downloads — for most users (I presume), mergerfs is certainly an integral piece of software.
Fedora for instance still doesn't have mergerfs in their repository.
Describe the solution you'd like
Generate plaintext files such as
SHA256SUM
, etc., containing the checksum for every mergerfs release asset (see rescuezilla as an example).Describe alternatives you've considered
N/A
The text was updated successfully, but these errors were encountered: