Hash Verification Workflow (SHA-256 + MD5)

For modern integrity verification, SHA-256 should be your default. MD5 is still useful for legacy compatibility checks.

Process

1. Generate source hash before upload/release.
2. Publish hash in release notes or manifest.
3. Re-hash downloaded artifact and compare.
4. Fail deployment if mismatch occurs.

Use: SHA-256 and MD5.