Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Security: produce signed SHA256SUMS file #215

Closed
lizthegrey opened this issue Feb 24, 2021 · 0 comments · Fixed by #423
Closed

Security: produce signed SHA256SUMS file #215

lizthegrey opened this issue Feb 24, 2021 · 0 comments · Fixed by #423
Assignees
@MikeGoldsmith
Labels
type: enhancement New feature or request

Comments

@lizthegrey
Copy link
Member

Right now there's no way of verifying that our binaries have not been tampered with after leaving circleci (e.g. by someone malicious who has access to our github account)
@MikeGoldsmith MikeGoldsmith added the type: enhancement New feature or request label Sep 23, 2021
@MikeGoldsmith MikeGoldsmith mentioned this issue Mar 28, 2022
Merged
@MikeGoldsmith MikeGoldsmith self-assigned this Mar 28, 2022
@MikeGoldsmith MikeGoldsmith added version: no bump A PR with maintenance or doc changes that aren't included in a release. and removed version: no bump A PR with maintenance or doc changes that aren't included in a release. labels Mar 28, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@MikeGoldsmith MikeGoldsmith

Labels
type: enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Create checksums when building binaries honeycombio/refinery
2 participants
@lizthegrey @MikeGoldsmith