Checksums



  • i have the vivaldi and fedora repositories for dnf. can i assume that downloads from the repositories have md5sum/hashsum/checksum? what about integration with other app stores that have verification natively? can someone write a verification extension like TAILS has? am i missing something that makes my questions redundant?


  • Moderator

    Fetch your package from Vivaldi original download site.
    You don't need a extra checksum. The downloaded packages are internally GPG signed and have shasums of all include files.
    If you install the package with your package manager all sig and shasum are checked.



  • is that true for windows, rpm, and deb packages? is that feature what makes it need to reload after update? likewise, are all package managers able to do this from the download site as well as the repository?


  • Moderator

    Trust me: all packages are signed and Linux deb and rpm packages have shasums in the package itself.
    The packages are updated daily on the OS you use, Linux does this in background, Windows shows a message if new updates are available. Reload after Update only occurs on Windows; why? because the Autoupdater needs restarting the browser.



  • @Gwen-Dragon Almost every package on Ubuntu is downloaded and installed via repositories or verified via checksum if downloaded separate. Where are the checksums?

    I opened the deb package in the Ubuntu Software Center. It specifically states "Only install this file if you trust the origin." I don't truly know the origin because there are no available checksums.


  • Moderator

    @alphaDev All packages are signed by a GPG key and have a internal checksum hash which is checked wihile running Linux package installer.

    You can setup the Vivaldi repo, please read https://help.vivaldi.com/article/manual-setup-vivaldi-linux-repositories/


Log in to reply
 

Looks like your connection to Vivaldi Forum was lost, please wait while we try to reconnect.