You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Releases are created automatically and signed using the [Node team's GPG key](https://pgp.mongodb.com/node-driver.asc). This applies to the git tag as well as all release packages provided as part of a GitHub release. To verify the provided packages, download the key and import it using gpg:
```
gpg --import node-driver.asc
```
The GitHub release contains a detached signature file for the NPM package (named
`mongodb-legacy-X.Y.Z.tgz.sig`).
Expand All
@@ -78,6 +84,10 @@ Using the result of the above command, a `curl` command can return the official
To verify the integrity of the downloaded package, run the following command:
No verification is done when using npm to install the package. To ensure release integrity when using npm, download the tarball manually from the GitHub release, verify the signature, then install the package from the downloaded tarball using `npm install mongodb-legacy-X.Y.Z.tgz`.
