Verifying releases
How to verify the integrity of downloaded Testnizer installers using SHA-256 checksums.
Every release published to github.com/apinizer/testnizer includes SHA-256 checksums for each artifact. Verifying them confirms the file you downloaded arrived intact and was not tampered with in transit.
Where to find checksums
Each release page lists a checksums.txt file alongside the installers. It
contains one line per artifact:
a3f8… Testnizer-1.4.10-arm64.dmg
c91b… Testnizer-1.4.10-x64.dmg
e54a… Testnizer-1.4.10-x64.exe
2d77… Testnizer-1.4.10-amd64.deb
…(One sha256 filename line per artifact — standard sha256sum format.)
Verifying on macOS / Linux
shasum -a 256 Testnizer-1.4.10-arm64.dmgCompare the output hash with the matching line in checksums.txt. They must
match exactly. To check every file you downloaded at once, run
shasum -a 256 -c checksums.txt from the download folder.
Verifying on Windows (PowerShell)
Get-FileHash .\Testnizer-1.4.10-x64.exe -Algorithm SHA256Compare the Hash field against checksums.txt.
Air-gapped install
For fully isolated networks:
- On a connected machine, open the
latest release
and download the installer for your platform plus
checksums.txt - Verify the SHA-256 as above
- Transfer the installer to the isolated machine via USB / SFTP / your air-gap gateway
- Install normally
After installation, disable the auto-update check on the isolated machine: Settings → Updates → Automatic update check → off.
Release integrity
Releases are built by GitHub Actions on isolated per-OS runners. The workflow logs and artifact upload steps are publicly visible at github.com/apinizer/testnizer so you can trace each artifact back to the exact build run that produced it.
Reporting issues
Open an issue at github.com/apinizer/testnizer/issues.
Security issues — use GitHub’s private security advisory channel (Report a vulnerability privately) rather than opening a public issue.