Skip to content

Fix signed Windows updater checksum metadata#1712

Merged
nwparker merged 1 commit into
mainfrom
nwparker/fix-windows-latest-checksum
May 12, 2026
Merged

Fix signed Windows updater checksum metadata#1712
nwparker merged 1 commit into
mainfrom
nwparker/fix-windows-latest-checksum

Conversation

@nwparker
Copy link
Copy Markdown
Contributor

@nwparker nwparker commented May 12, 2026

Summary

  • update every sha512 entry in Windows latest.yml after SignPath returns the signed installer
  • fixes signed Windows releases where the top-level checksum was updated but files[0].sha512 still pointed at the unsigned installer

Validation

  • patched live v1.3.49 latest.yml and re-downloaded it to verify both hashes match the published installer
  • ruby -e 'require "yaml"; YAML.load_file(".github/workflows/release-cut.yml"); puts "release-cut.yml parses"'\n- git diff --check\n

@nwparker nwparker merged commit 61f3d7c into main May 12, 2026
3 checks passed
@nwparker nwparker mentioned this pull request May 12, 2026
Merged
nwparker added a commit that referenced this pull request May 12, 2026
@nwparker
Revert Windows SignPath signing (#1713)
9859879 
* Revert "Fix signed Windows updater checksum metadata (#1712)"

This reverts commit 61f3d7c.

* Revert "Sign Windows releases with SignPath (#1300)"

This reverts commit ffa06c2.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@nwparker