github charmbracelet/soft-serve v0.11.0
on GitHub

10 hours ago

Changelog

New!

Security

Verifying the artifacts

First, download the checksums.txt file, for example, with wget: 

wget 'https://github.com/charmbracelet/soft-serve/releases/download/v0.11.0/checksums.txt'

Then, verify it using cosign: 

cosign verify-blob \
  --certificate-identity 'https://github.com/charmbracelet/meta/.github/workflows/goreleaser.yml@refs/heads/main' \
  --certificate-oidc-issuer 'https://token.actions.githubusercontent.com' \
  --cert 'https://github.com/charmbracelet/soft-serve/releases/download/v0.11.0/checksums.txt.pem' \
  --signature 'https://github.com/charmbracelet/soft-serve/releases/download/v0.11.0/checksums.txt.sig' \
  ./checksums.txt

If the output is Verified OK, you can safely use it to verify the checksums of other artifacts you downloaded from the release using sha256sum: 

sha256sum --ignore-missing -c checksums.txt

Done! You artifacts are now verified!

The Charm logo

Thoughts? Questions? We love hearing from you. Feel free to reach out on X, Discord, Slack, The Fediverse, Bluesky.

Check out latest releases or
releases around charmbracelet/soft-serve v0.11.0

Don't miss a new soft-serve release

NewReleases is sending notifications on new releases.

Get notifications