Re: [dev] file integrity github project

From: fao_ <>
Date: Thu, 31 Aug 2017 02:54:40 +0100

On 2017-08-23 7:04 pm, Aaron Toponce wrote:
> I noticed most software available on does not
> provide
> checksums and digital signatures for the compressed tarballs, and other
> files.
> I sought to remedy this, by creating a Github repository of only
> checksums and
> digital signatures. It's available at:
> Ultimately, it would be best if these were hosted on
> directly,
> but I figured I could help by hosting them here until they can get
> deployed.
> This is to help ensure that you have downloaded all the correct bits
> for both
> the software and the checksum.
> Hopefully, this is of some value to the community and suckless users,
> such as
> myself.

I couldn't decide what subthread to add it to, so I'll put it on the

As a side note, has anyone seen what OpenBSD did to handle and secure
their project?
I'll leave it here:

- fao_
PGP fingerprint: 739B 6C5C 3DE1 33FA
"Too enough is always not much!"
Received on Thu Aug 31 2017 - 03:54:40 CEST

This archive was generated by hypermail 2.3.0 : Thu Aug 31 2017 - 04:00:17 CEST