Add Enabling usePackageHashValidation Feature to ClientSetup Script #247
Assignees
Labels
3 - Review
This is for tickets that need to be reviewed prior to being complete.
ChocolateyForBusinessAzure
Issue affects Chocolatey For Business in Azure Environment. Note the issue will be synced there.
Enhancement
Enhancements are things that are improvements or features.
Security
Related to security in some way. Much of what we do is centered around security and this is higher.
Comments
ryanrichter94
added
Enhancement
ryanrichter94
added
1 - Ready
steviecoaster
added a commit
to steviecoaster/choco-quickstart-scripts
that referenced
this issue
Sep 6, 2024
With Chocolatey 2.3.0 we introduced a feature which will validate the checksum of a downloaded nupkg with the SHA512 checksum that the repository reports. This increases confidence that the nupkg you are installing is in fact the nupkg you expect
10 tasks
steviecoaster
added a commit
to steviecoaster/choco-quickstart-scripts
that referenced
this issue
Sep 6, 2024
With Chocolatey 2.3.0 we introduced a feature which will validate the checksum of a downloaded nupkg with the SHA512 checksum that the repository reports. This increases confidence that the nupkg you are installing is in fact the nupkg you expect. This change enables the feature on the server as it is being setup, and adds the command to turn on the feature to the ClientSetup script.
steviecoaster
added a commit
to steviecoaster/choco-quickstart-scripts
that referenced
this issue
Sep 6, 2024
With Chocolatey 2.3.0 we introduced a feature which will validate the checksum of a downloaded nupkg with the SHA512 checksum that the repository reports. This increases confidence that the nupkg you are installing is in fact the nupkg you expect. This change enables the feature on the server as it is being setup, and adds the command to turn on the feature to the ClientSetup script.
JPRuskin
pushed a commit
to steviecoaster/choco-quickstart-scripts
that referenced
this issue
Sep 24, 2024
With Chocolatey 2.3.0 we introduced a feature which will validate the checksum of a downloaded nupkg with the SHA512 checksum that the repository reports. This increases confidence that the nupkg you are installing is in fact the nupkg you expect. This change enables the feature on the server as it is being setup, and adds the command to turn on the feature to the ClientSetup script.
JPRuskin
pushed a commit
to steviecoaster/choco-quickstart-scripts
that referenced
this issue
Sep 30, 2024
With Chocolatey 2.3.0 we introduced a feature which will validate the checksum of a downloaded nupkg with the SHA512 checksum that the repository reports. This increases confidence that the nupkg you are installing is in fact the nupkg you expect. This change enables the feature on the server as it is being setup, and adds the command to turn on the feature to the ClientSetup script.
JPRuskin
pushed a commit
to steviecoaster/choco-quickstart-scripts
that referenced
this issue
Sep 30, 2024
With Chocolatey 2.3.0 we introduced a feature which will validate the checksum of a downloaded nupkg with the SHA512 checksum that the repository reports. This increases confidence that the nupkg you are installing is in fact the nupkg you expect. This change enables the feature on the server as it is being setup, and adds the command to turn on the feature to the ClientSetup script.
ryanrichter94
added
3 - Review
JPRuskin
pushed a commit
to steviecoaster/choco-quickstart-scripts
that referenced
this issue
Oct 15, 2024
With Chocolatey 2.3.0 we introduced a feature which will validate the checksum of a downloaded nupkg with the SHA512 checksum that the repository reports. This increases confidence that the nupkg you are installing is in fact the nupkg you expect. This change enables the feature on the server as it is being setup, and adds the command to turn on the feature to the ClientSetup script.
JPRuskin
pushed a commit
to steviecoaster/choco-quickstart-scripts
that referenced
this issue
Oct 18, 2024
With Chocolatey 2.3.0 we introduced a feature which will validate the checksum of a downloaded nupkg with the SHA512 checksum that the repository reports. This increases confidence that the nupkg you are installing is in fact the nupkg you expect. This change enables the feature on the server as it is being setup, and adds the command to turn on the feature to the ClientSetup script.
JPRuskin
added a commit
that referenced
this issue
Oct 18, 2024
(#247) Enable packageHashValidation feature
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Checklist
Is Your Feature Request Related To A Problem? Please describe.
With the introduction of the new usePackageHashValidation Feature with Chocolatey V 2.3.0 this seems like a no brainer to add to our standard ClientSetup client config we ship.
Describe The Solution. Why is it needed?
Adding this would be another tip in the hat to security since we setup all of our environments to pull packages out of Nexus, which supports hosting the SHA512 hash of the packages hosted in it.
Additional Context
No response
Related Issues
No response
┆Issue is synchronized with this Github issue by Unito
The text was updated successfully, but these errors were encountered: