I’m sure some of you are using Waterfox in favor of Firefox. In case you are updating it via tarball from the [website]( Download | Waterfox ), do you verify the downloaded file each time?
IMHO, the process described on the website is garbage, or I missed something.
Do they really expect I’d click on the Copy hash link, create a .sha512 file, insert the clipboard content, save the file, and run the verification?
Why isn’t it possible to download the SHA file like other sites do?
Waterfox is available as a package in Debian.
It also has a flatpak.
Both those are better than downloading a tarball
Hmm, the only package I found is for/from openSUSE, which I dont want.
And Flatpak, I avoid that like the devil avoids holy water.
Hi Alfred,
I’ve been having some problems obtaining shasums and have been using scripts for this purpose.
I made this script for you to obtain the Waterfox shasum, I hope it works.
Create a file with the name you want, change the directory you want in working_dir (it’s set to Downloads) and save it with this code and :
#!/bin/bash
working_dir="${HOME}/Downloads"
cd $working_dir
url="https://www.waterfox.net/download/"
# Fetch html form Waterfox download page
html_content=$(curl -s "$url")
# Extract the data-clipboard-text for .bz2 files
output=$(echo "$html_content" | grep -oP 'data-clipboard-text="\K[^"]+' | grep '\.bz2')
# Get the filename
if [ -n "$output" ]; then
read -r hash filename <<< "$output"
# Save the output to a .sha512 file with the dynamic name
sha512_file="${filename}.sha512"
echo "$output" > "$sha512_file"
echo "Saved to $sha512_file"
# Verify the checksum
echo "Verifying checksum..."
sha512sum -c "$sha512_file"
else
echo "Error trying to detect get sha512 on site with this bash script."
fi
Download the program to the same directory as working_dir and run the script.
I hope it’s useful.
Please note: in case of any doubt or error, always be suspicious of my script
Jorge
Hey, you’re my man, Jorge! Thanks a lot.
Waterfox is also in the Galaxy repository of Artix
Installed it in both my virtualbox Artix’s with Moksha and TDE as desktop and it looks good!
Just like Firefox,but much more security and almost no Google.
To get rid of probably the last Google go into about:config,put search in the searbar and you see 2 more googl-entries!
@Tech_JA An update: I just detected that a .sha256 file can be downloaded by adding the .sha256 extension to the tarball’s URL. Thus the script is no longer needed.
Hi Alfred,
Thanks for the tip, I didn’t know it was possible.
Jorge