Check hashsum of partman download
mxmehl opened this issue · comments
Thank you for this project!
When downloading packages from a website, one should check their hashsums to verify integrity and authenticity.
So e.g. the sha256sum should be an ARG
in the Dockerfile and later be checked after the download and before the install. Here are some examples.
postgresql-partman-container/Dockerfile
Lines 4 to 8 in f59548a