http_client: Add integrity checks for GitHub binaries using digest checks#43737
Merged
Veykril merged 1 commit intozed-industries:mainfrom Dec 1, 2025
Merged
Conversation
…or github binaries using digest checks
cla-bot
bot
added
the
cla-signed
TomPlanche
changed the title
Contributor
Author
|
@SomeoneToIgnore @probably-neb I don't think I'm responsible for the failed check, am I ? |
maxdeviant
changed the title
Contributor
|
No, that is broken for some time. |
Veykril
changed the title
ConradIrwin
added a commit
that referenced
this pull request
Dec 3, 2025
…igest checks (#43737)" (#44086) This reverts commit 05764e8. Internally we've seen a much higher incidence of macOS code-signing failing on the download rust analyzer than we did before this change. It's unclear why this would be a problem, but we want to try reverting to see if that fixes it. Release Notes: - Reverted a change that seemed to cause problems with code-signing on rust-analyzer
baldwindavid
added a commit
to baldwindavid/zed
that referenced
this pull request
Dec 4, 2025
* main: (155 commits) Add support for git remotes (zed-industries#42819) python: Improve sorting order of toolchains to give higher precedence to project-local virtual environments that are within current subproject (zed-industries#44141) Use buffer language when formatting with Prettier (zed-industries#43368) search: Fix sort order not being maintained in presence of open buffers (zed-industries#44135) bedrock: Support global endpoints and new regional endpoints (zed-industries#44103) linux: Spawn at least two background threads (zed-industries#44110) macos: Add missing file access entitlements (zed-industries#43609) Re-colorize the brackets when the theme changes (zed-industries#44130) Reduce priority of Windows thread pool work items (zed-industries#44121) Update fancy-regex (zed-industries#44120) Prefer to disable options over hiding (git panel entry context menu) (zed-industries#44102) tab_switcher: Subscribe to workspace events instead of pane events (zed-industries#44101) editor: Add active match highlight for buffer and project search (zed-industries#44098) Add more preview tab settings and fix janky behavior (zed-industries#43921) ai: Add an eval for the inline assistant (zed-industries#43291) Fix circular reference issue around PopoverMenu again (zed-industries#44084) Run `git2::Repository::find_remote` in the background (zed-industries#44092) Improve support for multiple registrations of `textDocument/diagnostic` (zed-industries#43703) Revert "http_client: Add integrity checks for GitHub binaries using digest checks (zed-industries#43737)" (zed-industries#44086) editor: Fix blame hover not working when inline git blame is disabled (zed-industries#42992) ...
CherryWorm
pushed a commit
to CherryWorm/zed
that referenced
this pull request
Dec 16, 2025
…igest checks (zed-industries#43737)" (zed-industries#44086) This reverts commit 05764e8. Internally we've seen a much higher incidence of macOS code-signing failing on the download rust analyzer than we did before this change. It's unclear why this would be a problem, but we want to try reverting to see if that fixes it. Release Notes: - Reverted a change that seemed to cause problems with code-signing on rust-analyzer
someone13574
pushed a commit
to someone13574/zed
that referenced
this pull request
Dec 16, 2025
…ecks (zed-industries#43737) Generalizes the digest verification logic from `rust-analyzer` and `clangd` into a reusable helper function in `http_client::github_download`. This removes ~100 lines of duplicated code across the two language adapters and makes it easier for other language servers to adopt digest verification in the future. Closes zed-industries#35201 Release Notes: - N/A
someone13574
pushed a commit
to someone13574/zed
that referenced
this pull request
Dec 16, 2025
…igest checks (zed-industries#43737)" (zed-industries#44086) This reverts commit 05764e8. Internally we've seen a much higher incidence of macOS code-signing failing on the download rust analyzer than we did before this change. It's unclear why this would be a problem, but we want to try reverting to see if that fixes it. Release Notes: - Reverted a change that seemed to cause problems with code-signing on rust-analyzer
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Generalizes the digest verification logic from
rust-analyzerandclangdinto a reusable helper function inhttp_client::github_download.This removes ~100 lines of duplicated code across the two language adapters and makes it easier for other language servers to adopt digest verification in the future.
Closes #35201
Release Notes: