Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: sha256 checksums for binary releases #293

Merged
merged 1 commit into from
Dec 5, 2018

Conversation

michael-go
Copy link
Contributor

With this, sha256 checksums will be computed for the binary packages of the CLI and will be uploaded together with the binaries as release assets to GitHub, and will be named as snyk-<platform>.sha256.

@michael-go michael-go self-assigned this Dec 5, 2018
.releaserc Outdated
@@ -3,7 +3,7 @@
"@semantic-release/npm",
{
"path": "@semantic-release/exec",
"cmd": "npm i -g pkg && pkg ."
"cmd": "npm i -g pkg && pkg . && shasum -a 256 snyk-linux > snyk-linux.sha256 && shasum -a 256 snyk-macos > snyk-macos.sha256 && shasum -a 256 snyk-win.exe > snyk-win.exe.sha25"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Missing 6 at the end

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

right! I remember saying to myself "add a 6 after you paste" 😅 thanks ! 🙏

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

sha25 is probably secure too !

@michael-go
Copy link
Contributor Author

I'll also verify now that the shasum command exists and works the same on a travis shell

With this, sha256 checksums will be computed for the binary packages of
the CLI and will be uploaded together with the binaries as release assets
to GitHub, and will be named as `snyk-<platform>.sha256`.
@michael-go
Copy link
Contributor Author

cool - shasum exists on travis and has same params

@michael-go michael-go merged commit ff79f79 into master Dec 5, 2018
@michael-go michael-go deleted the feat/checksum-binary-releases branch December 5, 2018 20:27
michael-go added a commit that referenced this pull request Dec 5, 2018
introduced in previous PR: #293
@snyksec
Copy link

snyksec commented Dec 5, 2018

🎉 This PR is included in version 1.115.0 🎉

The release is available on:

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants