Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Some platforms only have SHA-1 #368
Could also consider implementing a fallback when
Not opposed to shipping SHA1sums as well, at all. Just pondering.
added a commit
Jan 20, 2015
Yes, lets close here, I remain unconvinced there is a case for cluttering up our release directories with more files because (a) there hasn't been an enumeration of systems where sha-1 is available but sha-256 is unavailable and (b) even if such systems can be listed, I really don't believe they are targets for nvm, they are more likely to be production machines where nvm doesn't make much sense.
I do regret being difficult about this but one of the nice things about io.js is that we can make a break with older conventions that have been built up, including things like sticking to ancient versions of V8 because of toolchain concerns and the fact that we've reorganised the way naked Windows binaries are distributed in the /dist/ directory. I see SHASUMS.txt as one of these because the original reason for shipping it is no longer relevant.
i.e. please open an issue on iojs/build if there is still a concern about this but it's going to take some convincing, not just hand-waving and hypotheticals.