How to verify that the installation packages attached to the releases have been assembled from the source code
vladimiry opened this issue · 2 comments
vladimiry commented
- Attached to the releases installation packages get automatically assembled from the source code with the help of the Continuous Integration systems (CI). So it's a completely reproducible process, ie anyone can fork the project and independently build the installation packages from the source code using the same CI systems.
- Releases include the publicly available links to the CI build logs.
- Those logs include the hash sums of the prepared installation packages (hash sums printed at the end of the log).
vladimiry commented
Printing hash-sums into the CI output log originally enabled in v2.0.0-beta.9.