Release artifacts should include a list of checksums for Windows artifacts
cwjohnston opened this issue · comments
Cameron Johnston commented
Customers have asked how they should verify the Windows packages we publish, e.g. MSI and Nupkg artifacts.
We currently publish a list of checksums for the binary-only tar and zip artifacts generated for each release, but do not publish a similar list of checksums for Windows package artifacts.
We should publish a list of checksums for these Windows artifacts. It would be ideal if they were added to the existing checksum list but a separate file also seems acceptable.