Hi, A tiny first step: I added sha256 chechsums for all downloads created by the Pharo6 build process
https://ci.inria.fr/pharo/ <https://ci.inria.fr/pharo/> This step: https://ci.inria.fr/pharo/job/Pharo-6.0-Update-Step-5-Publish/ <https://ci.inria.fr/pharo/job/Pharo-6.0-Update-Step-5-Publish/> now creates .sha256.txt files, e.g for the mac: https://ci.inria.fr/pharo/job/Pharo-6.0-Update-Step-5-Publish/lastSuccessfulBuild/artifact/Pharo6.1-mac.zip.sha256.txt <https://ci.inria.fr/pharo/job/Pharo-6.0-Update-Step-5-Publish/lastSuccessfulBuild/artifact/Pharo6.1-mac.zip.sha256.txt> This allows to check that downloads from the file server are indeed the same files that the build server created. http://files.pharo.org/platform/ <http://files.pharo.org/platform/> http://files.pharo.org/image/60/ <http://files.pharo.org/image/60/> As I said, just a very first step. TODO: - pgp signatures - insert into website - SSL for files.pharo.org <http://files.pharo.org/> - do it Pharo7 - …. So: more to come! Marcus