-
Notifications
You must be signed in to change notification settings - Fork 10
Verify Checksums for a Release
Chris edited this page Sep 13, 2023
·
1 revision
A shasum.txt file is created as a part of every automated release. Github will checkout the source code, build the launcher and then generate sha256 checksums for each artifact. You can verify the files you download match by generating the checksums on your machine.
-
Download both the min-ed-launcher_[version].tar.gz and shasum.txt files
-
Run
shasum -c --ignore-missing shasum.txt--ignore-missingwill ignore the Windows release you likely didn't download.
- Download both the min-ed-launcher_[version].zip and shasum.txt files
- Run
certutil -hashfile C:\path\to\zipfile SHA256in Windows Terminal/Powershell/CMD (see external article for detailed instructions including screenshots) - Compare the output of the previous command to the contents of shasum.txt
You can verify the attached artifact is the same as the one generated by Github by viewing the job output of the release action and comparing the hashes. Look for the section named Create Checksums. Do note that Github automatically deletes job output after 90 days.