Download
~~~~~~~~

.. comment
    .. begin stable

    Current Stable Version
    ''''''''''''''''''''''

    - `CHANGES file <http://storage.perlig.de/cdbx/CHANGES-0.2.6>`_
    - `cdbx-0.2.6.tar.xz <http://storage.perlig.de/cdbx/cdbx-0.2.6.tar.xz>`_
    - `cdbx-0.2.6.tar.bz2 <http://storage.perlig.de/cdbx/cdbx-0.2.6.tar.bz2>`_
    - `cdbx-0.2.6.tar.gz <http://storage.perlig.de/cdbx/cdbx-0.2.6.tar.gz>`_
    - `cdbx-0.2.6.zip <http://storage.perlig.de/cdbx/cdbx-0.2.6.zip>`_
    - `cdbx-0.2.6.digests <http://storage.perlig.de/cdbx/cdbx-0.2.6.digests>`_

    .. end stable


.. begin dev
.. end dev


Integrity Check
---------------

There are hashes (MD5, SHA1 and SHA256) of the download packages stored
in the `digests file
<http://storage.perlig.de/cdbx/cdbx-0.2.6.digests>`_\.
In order to check the integrity of the downloaded file, use a tool like
md5sum (or sha1sum, sha256sum accordingly), e.g.:

.. sourcecode:: console

    $ md5sum -c cdbx-0.2.6.digests
    cdbx-0.2.6.tar.bz2: OK
    cdbx-0.2.6.tar.gz: OK
    cdbx-0.2.6.tar.xz: OK
    cdbx-0.2.6.zip: OK

In order to check the integrity of the digest file itself, you can check
the PGP signature of that file. The file is signed by André Malo, Key-ID
0x029C942244325167:

.. sourcecode:: console

    $ gpg --verify cdbx-0.2.6.digests
    gpg: Signature made Sun Feb 16 13:37:44 2025 CET
    gpg:                using RSA key 21B65583FF640D34E8662B6B3DED446369F2EE1A
    gpg: Good signature from "André Malo <nd@perlig.de>"


.. vim: ft=rest tw=72
