Hi,
Yes. we should have fixed all that loong time ago. The problem is of course
that “we should have fixed” only gets true after “I fixed it”… so will block
some
time next week after the release to work on that.
- fix https version of pharo.org.
- setup ssl for all sites
- provide checksum for f
Yep, a SHA sum is less useful if it's on the same site. Still, it
would be really useful to check the file against accidental
corruption. It would also be useful for comparing with the checksums
used by packagers,
e.g. https://aur.archlinux.org/cgit/aur.git/tree/PKGBUILD?h=pharo#n27
. Users could s
I guess you could download it from the Jenkins job
https://ci.inria.fr/pharo/job/Pharo-5.0-Update-Step-5-Publish/lastSuccessfulBuild/artifact/
although the job itself downloads over http from files.pharo.org… but
Jenkins should be fine enough if you are worried about MitM between you and
Pharo.
F
Is there any way of downloading Pharo securely?
I'm trying to download Pharo itself over HTTPS, so I know I can trust the data:
$ wget https://files.pharo.org/platform/Pharo4.0-linux.zip
--2016-05-02 22:44:34-- https://files.pharo.org/platform/Pharo4.0-linux.zip
Resolving files.pharo.org (files.
