Skip to content

v1.5.0
Compare
Choose a tag to compare
@github-actions github-actions released this 18 Sep 17:26
· 16 commits to master since this release
v1.5.0
71b9b2e
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

GitHub Logo

Overview

This release adds a signature to the checksum file to help verify the integrity of a build.

  1. Install the Algorand signing key from keys.openpgp.org or . Using GnuPG this is done with the following command:

    gpg --keyserver keys.openpgp.org --search-keys dev-ci+build@algorand.com

  2. Refresh keys if necessary. In the event of a security breech, we will revoke the key. To account for this, simply refresh the key:

    gpg --refresh-keys --keyserver keys.openpgp.org

  3. Download checksums.txt.sig and checksums.txt and verify the signature:

    gpg --verify checksums.txt.sig checksums.txt

  4. Download one or more release archives and verify the checksum:

    sha256sum -c < checksums.txt

Changelog

  • 71b9b2e Add gpg signature to checksum file. (#150)
  • 0752d23 ci: fix release notes template formatting. (#148)

Full Changelog: v1.4.0...v1.5.0

Docker images for this release are available on Docker Hub.

Assets 9
Loading