Require checksums for prebuilt installers
ci / test (push) Waiting to run
ci / fuzz-smoke (push) Waiting to run
ci / windows-client (push) Waiting to run
ci / package-release (linux-x86_64, ubuntu-latest) (push) Waiting to run
ci / package-release (macos-aarch64, macos-14) (push) Waiting to run
ci / package-release (macos-x86_64, macos-13) (push) Waiting to run
ci / package-release (windows-x86_64, windows-latest) (push) Waiting to run
ci / publish-gitea-release (push) Blocked by required conditions
ci / remote-bench (push) Waiting to run
ci / test (push) Waiting to run
ci / fuzz-smoke (push) Waiting to run
ci / windows-client (push) Waiting to run
ci / package-release (linux-x86_64, ubuntu-latest) (push) Waiting to run
ci / package-release (macos-aarch64, macos-14) (push) Waiting to run
ci / package-release (macos-x86_64, macos-13) (push) Waiting to run
ci / package-release (windows-x86_64, windows-latest) (push) Waiting to run
ci / publish-gitea-release (push) Blocked by required conditions
ci / remote-bench (push) Waiting to run
This commit is contained in:
+2
-2
@@ -330,8 +330,8 @@ verify_archive_checksum() {
|
||||
archive="$2"
|
||||
checksum_file="$3"
|
||||
if ! curl -fsL "$url.sha256" -o "$checksum_file"; then
|
||||
echo "prebuilt checksum unavailable; continuing without sidecar verification" >&2
|
||||
return 0
|
||||
echo "prebuilt checksum unavailable; refusing unverified binary for $url" >&2
|
||||
return 1
|
||||
fi
|
||||
expected="$(awk '{print $1}' "$checksum_file" | sed -n '1p')"
|
||||
actual="$(sha256_file "$archive")" || {
|
||||
|
||||
Reference in New Issue
Block a user