Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: sha256 checksums for binary releases #293

Merged
merged 1 commit into from
Dec 5, 2018
Merged

feat: sha256 checksums for binary releases #293

merged 1 commit into from
Dec 5, 2018

Conversation

michael-go
Copy link
Contributor

With this, sha256 checksums will be computed for the binary packages of the CLI and will be uploaded together with the binaries as release assets to GitHub, and will be named as snyk-<platform>.sha256.

@michael-go michael-go self-assigned this Dec 5, 2018
adrukh
adrukh reviewed Dec 5, 2018
View reviewed changes
.releaserc Outdated
@@ -3,7 +3,7 @@
"@semantic-release/npm",
{
"path": "@semantic-release/exec",
"cmd": "npm i -g pkg && pkg ."
"cmd": "npm i -g pkg && pkg . && shasum -a 256 snyk-linux > snyk-linux.sha256 && shasum -a 256 snyk-macos > snyk-macos.sha256 && shasum -a 256 snyk-win.exe > snyk-win.exe.sha25"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Missing 6 at the end

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

right! I remember saying to myself "add a 6 after you paste" 😅 thanks ! 🙏

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

sha25 is probably secure too !

@michael-go
Copy link
Contributor Author

I'll also verify now that the shasum command exists and works the same on a travis shell

@michael-go
feat: sha256 checksums for binary releases
0b13a04 
With this, sha256 checksums will be computed for the binary packages of
the CLI and will be uploaded together with the binaries as release assets
to GitHub, and will be named as `snyk-<platform>.sha256`.
@michael-go
Copy link
Contributor Author

cool - shasum exists on travis and has same params

@michael-go michael-go merged commit ff79f79 into master Dec 5, 2018
@michael-go michael-go deleted the feat/checksum-binary-releases branch December 5, 2018 20:27
michael-go added a commit that referenced this pull request Dec 5, 2018
@michael-go
fix: missing comma in .releaserc
bba2038 
introduced in previous PR: #293
@michael-go michael-go mentioned this pull request Dec 5, 2018
Merged
@snyksec
Copy link

snyksec commented Dec 5, 2018

🎉 This PR is included in version 1.115.0 🎉

The release is available on:

Your semantic-release bot 📦🚀

This was referenced Nov 24, 2020
Open
Open
This was referenced Sep 12, 2021
Open
Open
Open
This was referenced Apr 12, 2022
Open
Open
Open
@mmmd03 mmmd03 mentioned this pull request Apr 15, 2022
Open
@snyk-bot snyk-bot mentioned this pull request Jul 27, 2022
Closed
@snyk-bot snyk-bot mentioned this pull request Oct 4, 2022
Closed
@AliADDOU AliADDOU mentioned this pull request Nov 30, 2023
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@aarlaud aarlaud aarlaud left review comments

@adrukh adrukh adrukh left review comments

@darscan darscan darscan approved these changes

Assignees

@michael-go michael-go

Labels
released
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@michael-go @snyksec @darscan @adrukh @aarlaud