Would you say chocolatey's hash verification is not a waste of time, since it stores the hashes in the repository, far from where a compromise of the application developer's site could reach?
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Would you say
chocolatey's hash verification is not a waste of time, since it stores the hashes in the repository, far from where a compromise of the application developer's site could reach?