summaryrefslogtreecommitdiffstatshomepage
diff options
context:
space:
mode:
authorWolfgang Müller2021-05-07 14:37:25 +0200
committerWolfgang Müller2021-05-07 14:37:25 +0200
commit3297e6fc573fc90881bb47d877ad9e3470e5f6b8 (patch)
tree6586487507cb984fe0542108a52dff2599620748
parent45a87090f1ab3ceada40430dccec9caab8af84f5 (diff)
downloadsite-3297e6fc573fc90881bb47d877ad9e3470e5f6b8.tar.gz
posts: Add warning about downloading tarballs with Firefox
Let's hope that bug is fixed in the next 10 years!
Diffstat (limited to '')
-rw-r--r--posts/verify-with-signify.md6
1 files changed, 6 insertions, 0 deletions
diff --git a/posts/verify-with-signify.md b/posts/verify-with-signify.md
index 039ac8c..d2061e2 100644
--- a/posts/verify-with-signify.md
+++ b/posts/verify-with-signify.md
@@ -11,6 +11,12 @@ downloaded files, I strongly recommend using it to also verify the
_signature_. A portable version of the tool is available
[here](https://github.com/aperezdc/signify).
+**Note**: Firefox is
+[bugged](https://bugzilla.mozilla.org/show_bug.cgi?id=610679) when it comes to
+downloading content that is already compressed. Tarballs that were downloaded
+with Firefox will **fail** verification. Please make sure to use another
+browser or a tool like `curl` or `wget` to obtain the tarballs.
+
### Obtaining the signature and checksum
Whether or not you decide to use `signify` to verify downloaded files, you need