From 56f7f0df0e5d118404e5ab3e3cdd622a1121c05a Mon Sep 17 00:00:00 2001
From: Paul Hammond <paul@paulhammond.org>
Date: Sat, 16 Apr 2022 11:26:14 -0700
Subject: [PATCH] Add sha-256 checksums to auditable build output

---
 .github/workflows/nightly.yml | 4 ++++
 .github/workflows/release.yml | 4 ++++
 2 files changed, 8 insertions(+)

diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml
index 231e49d..9bf7a43 100644
--- a/.github/workflows/nightly.yml
+++ b/.github/workflows/nightly.yml
@@ -40,8 +40,12 @@ jobs:
       run: xcrun notarytool submit --key ~/.private_keys/AuthKey_$APPLE_API_KEY_ID.p8 --key-id $APPLE_API_KEY_ID --issuer $APPLE_API_ISSUER Secretive.zip
     - name: Document SHAs
       run: |
+            echo "sha-512:"
             shasum -a 512 Secretive.zip
             shasum -a 512 Archive.zip
+            echo "sha-256:"
+            shasum -a 256 Secretive.zip
+            shasum -a 256 Archive.zip
     - name: Upload App to Artifacts
       uses: actions/upload-artifact@v1
       with:
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 1245d81..d6beba2 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -64,8 +64,12 @@ jobs:
       run: xcrun notarytool submit --key ~/.private_keys/AuthKey_$APPLE_API_KEY_ID.p8 --key-id $APPLE_API_KEY_ID --issuer $APPLE_API_ISSUER Secretive.zip
     - name: Document SHAs
       run: |
+            echo "sha-512:"
             shasum -a 512 Secretive.zip
             shasum -a 512 Archive.zip
+            echo "sha-256:"
+            shasum -a 256 Secretive.zip
+            shasum -a 256 Archive.zip
     - name: Create Release
       id: create_release
       uses: actions/create-release@v1