Opened 5 years ago
Last modified 5 years ago
#5487 new enhancement
Hash/signature verification in build-osx-libs.sh
Reported by: | historic_bruno | Owned by: | |
---|---|---|---|
Priority: | Should Have | Milestone: | Backlog |
Component: | Build & Packages | Keywords: | |
Cc: | Patch: |
Description
It's good practice to at least verify hashes of downloaded source files in the automated build process, to confirm they aren't corrupted. Preferably we would also do signature verification where available. Since macOS doesn't ship with GPG, that could be something like an optional --verify[-signatures]
flag for those who want to use it (required for releases).
Note:
See TracTickets
for help on using tickets.