Github APK Release Signing Certificate Hash?

[hashcatHitman]

Does anyone know if the SHA-256 hash of the certificate used to sign the APK found in the GitHub releases is published anywhere? I'd like to download Canta with Obtainium and verify it with AppVerifier.

[samolego]

The SHA-256 can now be viewed in each action run.

[hashcatHitman]

Hi, thanks for looking at this. I'm not sure the hash produced is the one I'm looking for, sorry if I've worded it poorly. You should be able to find it using the Gradle signingReport command.

The hash I'm looking for should match the hash given by apksigner verify --print-certs YOURAPK.apk for the Signer #1 certificate SHA-256 digest. It shouldn't change unless you change your signing key.

[samolego]

Ah ok. Yeah sorry, didn't really know what you meant ... will fix it

[samolego]

Should be this one:
SHA-256:

0A:26:40:31:7C:43:27:21:88:C3:E1:31:94:C1:54:60:69:1F:12:C3:9E:A1:9B:BA:72:7D:D6:7F:B5:62:89:D4