From pypa/pip#5658, we could provide digests so users can verify that get-pip.py was downloaded correctly.
One use case could be during manual configuration of some server that does not have root CA certificates installed:
- Execute
curl --insecure -o get-pip.py https://bootstrap.pypa.io/get-pip.py on the server
- Run
sha256sum get-pip.py
- Navigate to
https://bootstrap.pypa.io/get-pip.py.sha256 in a web browser
- Compare the contents of that page with the output of
sha256sum
From pypa/pip#5658, we could provide digests so users can verify that get-pip.py was downloaded correctly.
One use case could be during manual configuration of some server that does not have root CA certificates installed:
curl --insecure -o get-pip.py https://bootstrap.pypa.io/get-pip.pyon the serversha256sum get-pip.pyhttps://bootstrap.pypa.io/get-pip.py.sha256in a web browsersha256sum