Casks still using SHA-1 #3372
Comments
|
It's also my intention (with no specific timeline) to remove
|
|
Jaw drops Wow. Someone had a busy evening! Thanks @miguelfrde! |
|
@alebcay A few ones are missing yet. Sage is still downloading and Sharetool throws a 500 server error. Edit: sage is done |
|
With ShareTool, the entire mirror site seems to be down. I'll see if I can find another download link. EDIT: It seems ShareTool is undergoing a bit of change of ownership right now, and an update/download link will be available "soon". EDIT AGAIN: I found a temporary mirror on CNET, but it's only 2.4.1, not 2.4.2, but I guess that'll have to do for now. |
|
Note -- when I earlier did a mass update to use sha256, I rejected any download that didn't pass the existing sha1. Some of these group should be those cases. It could easily be that something went wrong on my end during the original download, but it's worth double-checking. @alebcay I did manually check a number of your PRs that were only sha1->sha256 changes, and found nothing in error. |
|
Thanks @miguelfrde. |
|
Well, it seems it’s done. That was fast. |
The current default behavior is for Casks to use a SHA-256 checksum instead of a SHA-1 checksum (this change occurred in v0.29.0, discussed in #2719). A handful of casks still use SHA-1. While this is not an immediate issue, it's probably a good idea to make them futureproof by updating them to SHA-256.
The text was updated successfully, but these errors were encountered: