Skip to content

Add option to prevent unverified input_files

We usually want to verify all input_files we download using either a checksum, or a gpg signature. However we can easily forget to add a checksum for a file, or make a typo when writting sha256sum which would cause a file to be unverified.

It could be nice to have an option that cause an error if an input file that is a URL does not have either a checksum or a signature.

The same option could check that git_hash is either a full commit hash or a signed git commit or tag.

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information