redis / redis-hashes Goto Github PK
View Code? Open in Web Editor NEWRedis tarball SHA1 hashes
Redis tarball SHA1 hashes
Hi, I tried it on different platforms and let a colleague verify. The downloaded archive for redis 4.0.3 always gives
412f2634e55fe19e8826fae47935a8efe1e60ba2a48a8953c65e7a6caa459e41
not the hash specified in the file.
Adding the checksum for the current redis-stable release would be helpful for two reasons:
Thanks for considering.
https://github.com/antirez/redis/archive/5.0-rc6.tar.gz
Is the only url I found with a non-empty download and the correct hash for this archive is
6f16ffb5550b6ba74f8198f873e2f4f1fc031a69583a16084c237c5389f6d159
The hash you have listed
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 is for the zero-byte tar file from http://download.redis.io/releases/redis-5.0-rc6.tar.gz
I can't find checksum for 2.8.24 release. Please add it.
Thanks.
Any particular reason not to include the 3.2 release candidate hashes here? ๐
Since download.redis.io
does not support HTTPS, I tried to fetch Redis from GitHub. But it turns out, that GitHub and download.redis.io
are using different gzip versions or compression rates. So the SHA1 differs from what's published on https://github.com/antirez/redis-hashes/blob/master/README. The uncompressed tarballs have the same hash.
Could you please provide HTTPS for download.redis.io
and provide hashes/signatures for the GitHub releases?
There is no hash for v6.2.5 which has been released yesterday
If you were to publish a GPG key that is used for code signing and signed that latest version of the hashes file and each binary download file for each release with a detached gnupg signature file it would go a long way to ensure that not only are the bits correct (which the hash already tells us) but that the integrity of the hashes list is unimpeachable as well. This could be very easily scripted on your end when new releases are put out.
Signing the binary for each release tarball individually would be awesome as well.
Here are a couple of example projects that do this:
https://github.com/tianon/gosu/releases
https://github.com/just-containers/s6-overlay/releases
An example usage (in a Dockerfile) would be something like this:
ADD https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-amd64.tar.gz /tmp/s6-overlay-amd64.tar.gz
ADD https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-amd64.tar.gz.sig /tmp/s6-overlay-amd64.tar.gz.sig
RUN tar xvfz /tmp/s6-overlay-amd64.tar.gz -C / && \
gpg --keyserver pgp.mit.edu --recv-key ${S6_OVERLAY_GPG_KEY} && \
gpg --verify /tmp/s6-overlay-amd64.tar.gz.sig /tmp/s6-overlay-amd64.tar.gz && \
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.