#2: Checksum and sig support
- Contents
It is very common to have checksum (md5, sha256) and sig (gpg signatures) for downloads. PSF has no infrastructure to attach sigs and checksums to a fiile
- Proposed by
- Christian Heimes
- Proposal type
- Architecture
- State
- being-discussed
Motivation
File downloads should be checksummed to have a way to validate a download. It is a common sign of beeing professional.
Proposal
* Add file upload field for signatures
* Add string field for sha256 and md5 check sum
* Add dummy files for sha and md5 checksums that list all files in a release with "checksum filename"
