[erlang-questions] Missing checksums for github.com/erlang/otp/releases

Gerhard Lazu gerhard@REDACTED
Wed Jan 9 18:08:38 CET 2019

I think it would be great to have checksums publicly available when a new
Erlang/OTP patch is tagged on GitHub. Something as simple as this will do:

sha256sum OTP-21.2.2.tar.gz > OTP-21.2.2.tar.gz.sha256
curl --request POST --data-binary "@OTP-21.2.2.tar.gz.sha256" --header
"Content-Type: text/plain"

Is this something that others are missing? If not, how do you answer "*I
know that this Erlang/OTP build is legit*" in your production environments?

Thank you, Gerhard.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20190109/5b0600a9/attachment.htm>

More information about the erlang-questions mailing list