doc: update README with SHASUMS256.txt.sig info #15107
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
jasnell
approved these changes
Sep 1, 2017
BridgeAR
approved these changes
Sep 2, 2017
|
Ping @rvagg |
|
beautiful work! this is exactly what's needed, thanks for contributing this. My only one ask is that you make sure you keep the line lengths of non-breakable text to 80 characters maximum as that's the standard for this file. |
rvagg
suggested changes
Sep 12, 2017
README.md
Outdated
|
|
||
| To verify a SHASUMS256.txt.asc, you will first need to import all of | ||
| the GPG keys of individuals authorized to create releases. They are | ||
| To verify SHASUMS256.txt has not been altered, you will first need to import all |
There was a problem hiding this comment.
81 chars I think, need to break this to <=80
README.md
Outdated
| ``` | ||
|
|
||
| After downloading the appropriate SHASUMS256.txt and SHASUMS256.txt.sig files, | ||
| you can then use `gpg --verify SHASUMS256.txt.sig SHASUMS256.txt` to verify that |
It is more secure to verify SHASUMS256.txt files via SHASUMS256.txt.sig than SHASUMS256.txt.asc. [This comment](nodejs#6821 (comment)) does the best job at explaining the issue. Refs: nodejs#6821, nodejs#9071
maclover7
force-pushed
the
jm-shasums-sig
branch
from
42a7ee0
to
97e0b32
Compare
|
updated @rvagg |
|
Landed @ c1fce1e, marking for backport to LTS |
rvagg
pushed a commit
that referenced
this pull request
Sep 13, 2017
It is more secure to verify SHASUMS256.txt files via SHASUMS256.txt.sig than SHASUMS256.txt.asc. This comment does the best job at explaining the issue: #6821 (comment) Refer: #6821 Refer: #9071 PR-URL: #15107 Reviewed-By: Rod Vagg <rod@vagg.org> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de> Reviewed-By: James Snell <jasnell@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
jasnell
pushed a commit
that referenced
this pull request
Sep 20, 2017
It is more secure to verify SHASUMS256.txt files via SHASUMS256.txt.sig than SHASUMS256.txt.asc. This comment does the best job at explaining the issue: #6821 (comment) Refer: #6821 Refer: #9071 PR-URL: #15107 Reviewed-By: Rod Vagg <rod@vagg.org> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de> Reviewed-By: James Snell <jasnell@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
MylesBorins
pushed a commit
that referenced
this pull request
Oct 17, 2017
It is more secure to verify SHASUMS256.txt files via SHASUMS256.txt.sig than SHASUMS256.txt.asc. This comment does the best job at explaining the issue: #6821 (comment) Refer: #6821 Refer: #9071 PR-URL: #15107 Reviewed-By: Rod Vagg <rod@vagg.org> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de> Reviewed-By: James Snell <jasnell@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Merged
MylesBorins
pushed a commit
that referenced
this pull request
Oct 25, 2017
It is more secure to verify SHASUMS256.txt files via SHASUMS256.txt.sig than SHASUMS256.txt.asc. This comment does the best job at explaining the issue: #6821 (comment) Refer: #6821 Refer: #9071 PR-URL: #15107 Reviewed-By: Rod Vagg <rod@vagg.org> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de> Reviewed-By: James Snell <jasnell@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Merged
This was referenced Apr 28, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
It is more secure to verify SHASUMS256.txt files via SHASUMS256.txt.sig
than SHASUMS256.txt.asc.
This comment does the best job at explaining the issue.
Refs: #6821, #9071
Checklist
Affected core subsystem(s)
doc