Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement Hash Verification in Downloader #46

Open
clarete opened this issue Nov 3, 2013 · 0 comments
Open

Implement Hash Verification in Downloader #46

clarete opened this issue Nov 3, 2013 · 0 comments
Labels
enhancement

Comments

@clarete
Copy link
Owner

clarete commented Nov 3, 2013

Curdling should parse the fragment of any downloaded URL and check for hashes. Each available hash (specified in the format algorithm=hash) should be compared against the hash of the content after the download. The exception HashVerificationFailed should be raised in any mismatch.

Just like in pip, the following hashes should be supported: sha1, sha224, sha384, sha256, sha512, md5.

Example of URL with hash fragment

https://pypi.python.org/packages/source/c/curdling/curdling-0.3.6.tar.gz#md5=4caac1cee5c5c629a0d3b40496382b13

Questions

  • Not sure if the hash the only argument in the fragment. The implementation will consider that it is true for now;
  • Not sure if the user should be allowed to specify more than one hash. The implementation will get only the first one for now;
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@clarete