Verifying downloads

Verify archives of SlimerJS you downloaded

You can verify files you downloaded by checking their checksums. Checksums are stored in a file on

It's important to verify the checksum, to be sure that the file you have is not corrupted, and is the original one.

So, download the CHECKSUM file (see the download page). This is a file having the same name of the target file with an additional .asc extension. It contains a kind of big number for a specific package. Store it in the same directory of the package you downloaded.

Checking the authenticity of the checksum file

Even if it's better, you can skip the verification of the checksum file. Verifying the checksum file allow to be sure that the file is the original one, and has not been compromised.

Note: only checksum file for stable and official packages are signed.

The checksum file is signed with PGP. You have to install PGP program on your computer (GnuPG on linux). Following instructions are for made with GnuPG.

Then download our GPG public key: slimerjs-pubkey.gpg.

                curl | gpg --import

And launch the verification:

                gpg --verify-files *.asc

Verifying checksum of a package

Checksums have been calculated with sha256sum. You should install this software. After downloading the package and its corresponding .asc file, launch the verification:

                sha256sum -c *.asc