Verifying A Download

I am relatively new to GitHub and have in the past downloaded a few programs but have not verified the SHA1 on the page with the commit hash to the SHA1 of the downloaded file. Should the commit SHA1, such as what is present in the project fatih/color which is 3f9d52f7176a6927daacff70a3e8d1dc2025c53e match the SHA1 of the downloaded file? In this particular project I am getting a different SHA1 value. I downloaded the file color-3f9d52f7176a6927daacff70a3e8d1dc2025c53e.zip but it has a SHA1 of fb79b38a56bc62ece1c7df61138207c3b7359ff1. Am I missing something or is this a potentially modified file?

1 Like

Hi @mcertini,

This post was moved to a different board that fits your topic of discussion a bit better. This means you’ll get better engagement on your post, and it keeps our community organized so users can more easily find information.

As you’ll notice, your topic is now here in the How to use Git and GitHub board. No action is needed on your part; you can continue the conversation as normal here.

Cheers!

Andrea