Currently to verify file integrity with the install script we download
sidecar md5 file from yt-project.org. These aren't versioned, and md5
itself is largely deprecated for this.
I've created a new sha512-using version of the install script, which
uses sha512 hashes stored *in the install script* to verify file
integrity. This way any time these change we will be notified of
them. I'd like it if a few people could test this -- I have -- on
pristine systems. It changes both how the files are downloaded and it
now uses sha512sum, which should be available on most systems
(according to Kacper :).
You can do this by:
and then running it, but maybe supplying an alternate directory rather
than the default.
Thanks for any feedback.
yt-dev mailing list