Open
Description
If the feature solves a problem you have, specify it here.
The ability for gh-r to validate checksums to ensure the correct binary is downloaded.
Describe the proposed feature.
There's a certain format many people use when uploading binaries (at least, to
GitHub). It's usually along the lines of $FILENAME.{'sum','sig'}. From there,
Zinit validates the relevant binaries.
When a .sig is available, the user provides a key and GPG binaries are
available, zinit can create a new GPG directory (e.g., $HOME/.gpg), import the
key from a keyserver, and then validate the binaries.
Describe alternatives you've considered
- Add an annex
- Built-in functionality
- Add an ice
Additional context
No response