Skip to content

Add SHA256 checksum to install action. #7

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 6 commits into from
Jun 22, 2023
Merged

Add SHA256 checksum to install action. #7

merged 6 commits into from
Jun 22, 2023

Conversation

mdwn
Copy link
Contributor

@mdwn mdwn commented Jun 21, 2023

The install action now supports a sha256 checksum of the resulting binary. In the event that jetpack's devbox install script is compromised, this will allow users to double check that the resulting binary has a checksum configured at the github action level, potentially preventing a breach of CI infrastructure.

@mdwn
Add SHA256 checksum to install action.
e820b4b 
The install action now supports a sha256 checksum of the resulting
binary. In the event that jetpack's devbox install script is
compromised, this will allow users to double check that the resulting
binary has a checksum configured at the github action level, potentially
preventing a breach of CI infrastructure.
@Lagoja Lagoja requested a review from LucilleH June 21, 2023 21:06
wadells
wadells approved these changes Jun 21, 2023
View reviewed changes
Copy link
Contributor

@wadells wadells left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks reasonable to me -- pending negative test case.

LucilleH
LucilleH approved these changes Jun 21, 2023
View reviewed changes
Copy link
Contributor

@LucilleH LucilleH left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for your contribution!!

LucilleH
LucilleH reviewed Jun 21, 2023
View reviewed changes
@LucilleH
Apply suggestions from code review
424c4a9 
Co-authored-by: Lucille Hua <[email protected]>
Signed-off-by: Michael Wilson <[email protected]>
LucilleH
LucilleH reviewed Jun 21, 2023
View reviewed changes
LucilleH
LucilleH reviewed Jun 22, 2023
View reviewed changes
@LucilleH LucilleH added this pull request to the merge queue Jun 22, 2023
Merged via the queue into jetify-com:main with commit 9707b9f Jun 22, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@LucilleH LucilleH LucilleH approved these changes

+1 more reviewer

@wadells wadells wadells approved these changes

Reviewers whose approvals may not affect merge requirements
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@mdwn @wadells @LucilleH