This repository has been archived by the owner on Apr 3, 2019. It is now read-only.
Maybe add cross-check #130
Comments
|
Thanks for reporting. I'm inclined to agree, but am not quite sure where we'd host this secondary hash. |
|
the secondary hash could perhaps be hosted on one of the IB servers? Or on a publicly readable file on google drive? Or we could simply create a quick website for the qa-tools and host it there... |
|
Projects that have a website containing an HTML version of the docs always make me happy. For example, Guzzle has docs inside the repository: https://github.com/guzzle/guzzle/tree/master/docs which are also hosted online: |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
The SHA-384 checksum is good for security, of course. But it isn't of much use if the GitHub account is hacked, since both the file and the hash are on GitHub.
The composer installer is on getcomposer.com, but it has a cross-check on GitHub, so that you can verify the checksum yourself.
Shouldn't we have a cross-check as well?
The text was updated successfully, but these errors were encountered: