actions/install-action
1
0
Fork 0
mirror of https://github.com/taiki-e/install-action.git synced 2026-04-21 07:00:27 +00:00
Code Issues Packages Projects Releases Wiki Activity

Support signature verification (minisign)

Browse Source
This commit is contained in:
Taiki Endo
2023-09-27 22:42:00 +09:00
parent ac65fbce2a
commit b30758ca4a
7 changed files with 153 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@@ -128,6 +128,8 @@ When installing the tool from GitHub Releases, this action will download the too
Additionally, this action will also verify SHA256 checksums for downloaded files in all tools installed from GitHub Releases. This is enabled by default and can be disabled by setting the `checksum` input option to `false`.
Additionally, we also verify signature if the tool distributes signed archives. Signature verification is done at the stage of getting the checksum, so disabling the checksum will also disable signature verification.
See the linked documentation for information on security when installed using [snap](https://snapcraft.io/docs) or [cargo-binstall](https://github.com/cargo-bins/cargo-binstall#faq).
## Compatibility