Verify Download

Verify the integrity of your Basis installer before running it to ensure the file has not been tampered with.

Why Verify?

Verifying the SHA-256 checksum confirms that:

• The file was not corrupted during download.
• The file has not been modified by a third party (supply chain integrity).

Finding the Checksum

The official SHA-256 checksum for each release is published on the Releases page alongside the download link.

Verifying on Windows

1. Open PowerShell (no admin required).
2. Navigate to the download folder:

   cd "$env:USERPROFILE\Downloads"
   

3. Run the checksum:

   Get-FileHash BasisSetup-v2026.exe -Algorithm SHA256
   

4. Compare the output hash with the value on the releases page. They must match exactly.

Verifying on Linux / macOS

sha256sum BasisServer-v2026.tar.gz

Compare the output with the published checksum.

What to Do If They Don't Match

1. Delete the downloaded file immediately.
2. Re-download from the official releases page: github.com/dev-basis/basis-dist.
3. Verify again.
4. If the mismatch persists, contact support@basis-apps.net.

Warning: Never run an installer whose checksum does not match. A mismatched hash indicates file corruption or possible tampering.

PGP Signature (Advanced)

Each release is also signed with the Basis PGP key for additional verification. The public key is available at basis-apps.net/pgp.

gpg --verify BasisSetup-v2026.exe.sig BasisSetup-v2026.exe

A valid signature confirms the file came from the official Basis team.

Related

• Installation
• API