Description
CI fetches the pinned upstream FABLE-5 source and validates the coverage matrix against it. The pinned commit is good, but adding a checksum check for the downloaded file would make the release/CI path more robust against unexpected content drift or fetch mistakes.
Acceptance Criteria
- Store the expected SHA256 for the pinned FABLE-5 source.
- After fetching the source in CI, verify the downloaded file hash.
- Fail CI if the hash does not match.
- Document how to update the expected hash when the pin changes.
- Add or update tests so the checksum verification path is covered.
Notes
Keep this stdlib/shell-only if possible; avoid adding heavyweight dependencies.
Description
CI fetches the pinned upstream FABLE-5 source and validates the coverage matrix against it. The pinned commit is good, but adding a checksum check for the downloaded file would make the release/CI path more robust against unexpected content drift or fetch mistakes.
Acceptance Criteria
Notes
Keep this stdlib/shell-only if possible; avoid adding heavyweight dependencies.