Skip to content

v0.2.2

Latest
Latest

Choose a tag to compare

View all tags
@github-actions github-actions released this 01 Apr 23:42
· 41 commits to main since this release
v0.2.2
80921ba
This commit was signed with the committer’s verified signature.
caarlos0 Carlos Alexandro Becker
SSH Key Fingerprint: Tc9jyTM9IRl9zFS4Q8aZgjWVpjbwK0SGkHOhCFD1OMU
Verified
Learn about vigilant mode.

Changelog

Bug fixes

Other work

Verifying the artifacts

First, download the checksums.txt file, for example, with wget:

wget 'https://github.com/charmbracelet/freeze/releases/download/v0.2.2/checksums.txt'

Then, verify it using cosign:

cosign verify-blob \
  --certificate-identity 'https://github.com/charmbracelet/meta/.github/workflows/goreleaser.yml@refs/heads/main' \
  --certificate-oidc-issuer 'https://token.actions.githubusercontent.com' \
  --cert 'https://github.com/charmbracelet/freeze/releases/download/v0.2.2/checksums.txt.pem' \
  --signature 'https://github.com/charmbracelet/freeze/releases/download/v0.2.2/checksums.txt.sig' \
  ./checksums.txt

If the output is Verified OK, you can safely use it to verify the checksums of other artifacts you downloaded from the release using sha256sum:

sha256sum --ignore-missing -c checksums.txt

Done! You artifacts are now verified!

The Charm logo

Thoughts? Questions? We love hearing from you. Feel free to reach out on Twitter, The Fediverse, or on Discord.

Contributors

caarlos0
Assets 59
Loading