Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Release via GitHub with SHA #87

Open
raphaklaus opened this issue Mar 29, 2019 · 2 comments
Open

Release via GitHub with SHA #87

raphaklaus opened this issue Mar 29, 2019 · 2 comments

Comments

@raphaklaus
Copy link

Downloading it via a static AWS link kind of sucks and is not secure. :\
@al2613
Copy link
Contributor

al2613 commented Mar 30, 2019

Hey Raphael,

Thanks for the feedback! The download link is a secure connection so we're not sure what you're referring to exactly? Can you provide us with more specific details?

Thanks,
Annette

@raphaklaus
Copy link
Author

No, no. I mean, there is no way to ensure the build from AWS is from this source code. You should provide the SHA signature along with the build link from the build system used (Circle, Jenkins, etc).

Search for best security practices using SHA algorithm in open source projects.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@raphaklaus @al2613