[erlang-questions] Missing checksums for github.com/erlang/otp/releases
Gerhard Lazu
gerhard@REDACTED
Wed Jan 9 18:08:38 CET 2019
I think it would be great to have checksums publicly available when a new
Erlang/OTP patch is tagged on GitHub. Something as simple as this will do:
sha256sum OTP-21.2.2.tar.gz > OTP-21.2.2.tar.gz.sha256
curl --request POST --data-binary "@OTP-21.2.2.tar.gz.sha256" --header
"Content-Type: text/plain"
https://uploads.github.com/repos/erlang/otp/releases/OTP-21.2.2/assets?name=OTP-21.2.2.tar.gz.sha256
Is this something that others are missing? If not, how do you answer "*I
know that this Erlang/OTP build is legit*" in your production environments?
Thank you, Gerhard.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20190109/5b0600a9/attachment.htm>
More information about the erlang-questions
mailing list