randombit opened this issue a year ago · 1 comments
Discussion in #94
For released versions, we should download the tarball, and check it against an embedded SHA-256
openssl-sys seems to support a lot of features wrt version autodetection, etc here so may be a good one to study.
openssl-sys