v1.9.0

This is a release of my forked project, from branch fork. See below for full changelog, listing all commits since previous fork release. The primary asset of the release is a direct download link for a ready-to-use build of the application's single executable, as well as an alternative .zip archive containing the same executable. It is built with Go version 1.25.0.

About this fork

This release is from my fork of jstarks/npiperelay, adding some smaller improvements on top of upstream release v0.1.0. The changes are conservative; primary concern is to keep the code updated and secure, considering upstream has not been updated since this first release back in mid 2020. See previous release notes for fork releases starting with v1.0.0 to learn about all changes.

Checksums

GitHub automatically computes SHA-256 checksums for all release assets, which you can see to the right of the asset names in the "Assets" section below. These are generated at upload time and are immutable. The build system also computes SHA-256 checksums of built executables, and these are published as text file asset npiperelay_checksums.txt. Note that the .zip asset for the amd64 (x64/64-bit) and 386 (x86/32-bit) architectures both contain a single executable with name npiperelay.exe, and it is identical to the .exe asset with same name as the .zip asset, i.e. npiperelay_windows_386.exe and npiperelay_windows_amd64.exe, and should therefore have the same checksum.

These are the SHA-256 checksums of all binary release assets, as published in npiperelay_checksums.txt:

5a47940178d927afd06031ff2b93a48ee9216cdda504fe3b58660a7c161ac056  npiperelay_windows_386.exe
6e8755a361b8f643e083644291cd362ea267f2ae9eafe2af0a6283d584965df0  npiperelay_windows_386.zip
3d12330e5d15e9c049fcda725a6817813f93234c2ed2f570ee83718db84bf122  npiperelay_windows_amd64.exe
f30dd745b45433c7ac890307837d9af9a0a9b754e40035e57e0f3853a52e417e  npiperelay_windows_amd64.zip

Antivirus

If your local antivirus treats the downloaded archive or executable as suspicious or malicious, you should try to report it as a false positive, e.g. to Symantec on symsubmit.symantec.com (select "Clean software incorrectly detected"). At the time of the release, no security vendors on VirusTotal flagged the asset download urls as malicious, but some very few (well below 10%) did flag the zip archive and executable files themselves (see report for each of the assets in expandable section below). The implementation is less than 300 lines of go code, plus a single, commonly used, third party dependency. The source code is automatically run through vulnerability analysis, using Go's govulncheck and GitHub's CodeQL, and a long list of code quality checks (linters), using golangci-lint (see .golangci.yml for the complete list). If you do worry, you are free to analyse the code yourself, and you can also build the executable locally from source.

Changelog

Commits since previous fork release:

• 9c32472 Build with Go version 1.25 while still supporting 1.24
• e9a65cf Bump golangci/golangci-lint-action from 6 to 8
• 62c3e6a Migrate golangci-lint configuration from v1 to v2
• ece997c Add note about GitHub generated asset checksums
• 490352e Bump actions/checkout from 4 to 5
• dd2ec5d Bump golang.org/x/sys from 0.34.0 to 0.35.0

(Application executable in release assets built with Go version 1.25.0).

v1.8.2

This is a release of my forked project, from branch fork. See below for full changelog, listing all commits since previous fork release. The primary asset of the release is a direct download link for a ready-to-use build of the application's single executable, as well as an alternative .zip archive containing the same executable. It is built with Go version 1.24.5.

About this fork

This release is from my fork of jstarks/npiperelay, adding some smaller improvements on top of upstream release v0.1.0. The changes are conservative; primary concern is to keep the code updated and secure, considering upstream has not been updated since this first release back in mid 2020. See previous release notes for fork releases starting with v1.0.0 to learn about all changes.

Checksums

The SHA-256 checksums of the binary release assets are published as text file asset npiperelay_checksums.txt. Note that the .zip asset for the amd64 (x64/64-bit) and 386 (x86/32-bit) architectures both contain a single executable with name npiperelay.exe, and it is identical to the .exe asset with same name as the .zip asset, i.e. npiperelay_windows_386.exe and npiperelay_windows_amd64.exe, and should therefore have the same checksum.

These are the SHA-256 checksums of all binary release assets, as published in npiperelay_checksums.txt:

a4c56fa638c248c14965d37475eb461b6d1790dc73217fab4a7a1a8dcb50bb0d  npiperelay_windows_386.exe
4b4ffeac0f683901f6ebf0e46c19d15a5951b230da6d0a1d2f4e9354b5d31f6a  npiperelay_windows_386.zip
079f0b5b6d7f519f08a86621368c3b9dad500fcc84b0ec14facc3bf1cebf8061  npiperelay_windows_amd64.exe
96cc4d962e5cd4931e2fb252fb7174f15adeed89098a8375736ea80e5e941c77  npiperelay_windows_amd64.zip

Antivirus

If your local antivirus treats the downloaded archive or executable as suspicious or malicious, you should try to report it as a false positive, e.g. to Symantec on symsubmit.symantec.com (select "Clean software incorrectly detected"). At the time of the release, no security vendors on VirusTotal flagged the asset download urls as malicious, but some very few (well below 10%) did flag the zip archive and executable files themselves (see report for each of the assets in expandable section below). The implementation is less than 300 lines of go code, plus a single, commonly used, third party dependency. The source code is automatically run through vulnerability analysis, using Go's govulncheck and GitHub's CodeQL, and a long list of code quality checks (linters), using golangci-lint (see .golangci.yml for the complete list). If you do worry, you are free to analyse the code yourself, and you can also build the executable locally from source.

Changelog

Commits since previous fork release:

• 88d8d2a Bump golang.org/x/sys from 0.33.0 to 0.34.0

(Application executable in release assets built with Go version 1.24.5).

v1.8.1

This is a release of my forked project, from branch fork. See below for full changelog, listing all commits since previous fork release. The primary asset of the release is a direct download link for a ready-to-use build of the application's single executable, as well as an alternative .zip archive containing the same executable. It is built with Go version 1.24.3.

About this fork

This release is from my fork of jstarks/npiperelay, adding some smaller improvements on top of upstream release v0.1.0. The changes are conservative; primary concern is to keep the code updated and secure, considering upstream has not been updated since this first release back in mid 2020. See previous release notes for fork releases starting with v1.0.0 to learn about all changes.

Checksums

The SHA-256 checksums of the binary release assets are published as text file asset npiperelay_checksums.txt. Note that the .zip asset for the amd64 (x64/64-bit) and 386 (x86/32-bit) architectures both contain a single executable with name npiperelay.exe, and it is identical to the .exe asset with same name as the .zip asset, i.e. npiperelay_windows_386.exe and npiperelay_windows_amd64.exe, and should therefore have the same checksum.

These are the SHA-256 checksums of all binary release assets, as published in npiperelay_checksums.txt:

383f6b032580e536757371da0d909dc1583e9d654703d9c03bc87adb88068bd8  npiperelay_windows_386.exe
e6908396f6c759944eed1a7ab79f29c8f7094f0ad410aca55dc9d3dd20008889  npiperelay_windows_386.zip
3bab635f4142e97680d7e02ad43c2a08118ad9c73ed3423bdfa7fa09c539a6d3  npiperelay_windows_amd64.exe
c99ce163aefd3de4a3177e5065f745b1bdb5d7e1bced0112d36da7e4d813b372  npiperelay_windows_amd64.zip

Antivirus

If your local antivirus treats the downloaded archive or executable as suspicious or malicious, you should try to report it as a false positive, e.g. to Symantec on symsubmit.symantec.com (select "Clean software incorrectly detected"). At the time of the release, no security vendors on VirusTotal flagged the asset download urls as malicious, but some very few (well below 10%) did flag the zip archive and executable files themselves (see report for each of the assets in expandable section below). The implementation is less than 300 lines of go code, plus a single, commonly used, third party dependency. The source code is automatically run through vulnerability analysis, using Go's govulncheck and GitHub's CodeQL, and a long list of code quality checks (linters), using golangci-lint (see .golangci.yml for the complete list). If you do worry, you are free to analyse the code yourself, and you can also build the executable locally from source.

Changelog

Commits since previous fork release:

• dfa9d0c Bump golang.org/x/sys from 0.31.0 to 0.33.0
• 372297a Bump golang.org/x/sys from 0.30.0 to 0.31.0

(Application executable in release assets built with Go version 1.24.3).

v1.8.0

This is a release of my forked project, from branch fork.

In addition to the usual maintenance, this adds two new features thanks to contributions from @SunMar. Thank you very much 👏. It also upgrades to the newly released 1.24 version of Go. See below for full changelog, listing all commits since previous fork release.

The primary asset of the release is a direct download link for a ready-to-use build of the application's single executable, as well as an alternative .zip archive containing the same executable. It is built with Go version 1.24.0.

About this fork

This release is from my fork of jstarks/npiperelay, adding some smaller improvements on top of upstream release v0.1.0. The changes are conservative; primary concern is to keep the code updated and secure, considering upstream has not been updated since this first release back in mid 2020. See previous release notes for fork releases starting with v1.0.0 to learn about all changes.

Checksums

The SHA-256 checksums of the binary release assets are published as text file asset npiperelay_checksums.txt. Note that the .zip asset for the amd64 (x64/64-bit) and 386 (x86/32-bit) architectures both contain a single executable with name npiperelay.exe, and it is identical to the .exe asset with same name as the .zip asset, i.e. npiperelay_windows_386.exe and npiperelay_windows_amd64.exe, and should therefore have the same checksum.

These are the SHA-256 checksums of all binary release assets, as published in npiperelay_checksums.txt:

730780838d807d9a0e121e7e77bba2658c140c2276578d28f9608b3fbef6d0c5  npiperelay_windows_386.exe
92dcc8713578fcc1be90bc7ce7a753c7e648cef0faebccd450d62a58725b33ab  npiperelay_windows_386.zip
91124fe939feb0cbcf714f91c82d706f92c2ba2de233e574300207870a6a9859  npiperelay_windows_amd64.exe
079be5515bcc150bf774170e182033f5e289a7bdfa10e514d6bf86fd0456da20  npiperelay_windows_amd64.zip

Antivirus

If your local antivirus treats the downloaded archive or executable as suspicious or malicious, you should try to report it as a false positive, e.g. to Symantec on symsubmit.symantec.com (select "Clean software incorrectly detected"). At the time of the release, no security vendors on VirusTotal flagged the asset download urls as malicious, but some very few (well below 10%) did flag the zip archive and executable files themselves (see report for each of the assets in expandable section below). The implementation is less than 300 lines of go code, plus a single, commonly used, third party dependency. The source code is automatically run through vulnerability analysis, using Go's govulncheck and GitHub's CodeQL, and a long list of code quality checks (linters), using golangci-lint (see .golangci.yml for the complete list). If you do worry, you are free to analyse the code yourself, and you can also build the executable locally from source.

Changelog

Commits since previous fork release:

• 8980a7b Upgrade Go version from 1.23 to 1.24
• 46e2047 Add -l argument to limit polling attempts to max 300 (#53)
• 2f1a607 Add support for libassuan file sockets (WinGnuPG support) (#52)
• 543dc70 Bump golang.org/x/sys from 0.29.0 to 0.30.0

(Application executable in release assets built with Go version 1.24.0).

v1.7.2

This is a release of my forked project, from branch fork. See below for full changelog, listing all commits since previous fork release. The primary asset of the release is a direct download link for a ready-to-use build of the application's single executable, as well as an alternative .zip archive containing the same executable. It is built with Go version 1.23.5.

About this fork

This release is from my fork of jstarks/npiperelay, adding some smaller improvements on top of upstream release v0.1.0. The changes are conservative; primary concern is to keep the code updated and secure, considering upstream has not been updated since this first release back in mid 2020. See previous release notes for fork releases starting with v1.0.0 to learn about all changes.

Checksums

The SHA-256 checksums of the binary release assets are published as text file asset npiperelay_checksums.txt. Note that the .zip asset for the amd64 (x64/64-bit) and 386 (x86/32-bit) architectures both contain a single executable with name npiperelay.exe, and it is identical to the .exe asset with same name as the .zip asset, i.e. npiperelay_windows_386.exe and npiperelay_windows_amd64.exe, and should therefore have the same checksum.

These are the SHA-256 checksums of all binary release assets, as published in npiperelay_checksums.txt:

d746ad64301dd2c837376da69d5bdc96552230d4c37ae85d26a35f8ec5f083ea  npiperelay_windows_386.exe
a347978da41f6adf3d2d1fb83fa33c741e2305578b60dcede6737acfe8e7ac49  npiperelay_windows_386.zip
39c1605c4df6c8f20c842b753d28b830d23fc302ee95148125b8fcb6834a0922  npiperelay_windows_amd64.exe
e98f1aa2b6984ab153f423f070b8ebc101c3a2050fe7c088c5969d681ddc42f9  npiperelay_windows_amd64.zip

Antivirus

If your local antivirus treats the downloaded archive or executable as suspicious or malicious, you should try to report it as a false positive, e.g. to Symantec on symsubmit.symantec.com (select "Clean software incorrectly detected"). At the time of the release, no security vendors on VirusTotal flagged the asset download urls as malicious, but some very few (well below 10%) did flag the zip archive and executable files themselves (see report for each of the assets in expandable section below). The implementation is less than 300 lines of go code, plus a single, commonly used, third party dependency. The source code is automatically run through vulnerability analysis, using Go's govulncheck and GitHub's CodeQL, and a long list of code quality checks (linters), using golangci-lint (see .golangci.yml for the complete list). If you do worry, you are free to analyse the code yourself, and you can also build the executable locally from source.

Changelog

Commits since previous fork release:

• 0714957 Replace NewLazyDLL with NewLazySystemDLL
• 71bab11 Bump golang.org/x/sys from 0.28.0 to 0.29.0
• 3135e0e Bump golang.org/x/sys from 0.27.0 to 0.28.0

(Application executable in release assets built with Go version 1.23.5).

v1.7.1

This is a release of my forked project, from branch fork. See below for full changelog, listing all commits since previous fork release. The primary asset of the release is a direct download link for a ready-to-use build of the application's single executable, as well as an alternative .zip archive containing the same executable. It is built with Go version 1.23.3.

About this fork

This release is from my fork of jstarks/npiperelay, adding some smaller improvements on top of upstream release v0.1.0. The changes are conservative; primary concern is to keep the code updated and secure, considering upstream has not been updated since this first release back in mid 2020. See previous release notes for fork releases starting with v1.0.0 to learn about all changes.

Checksums

The SHA-256 checksums of the binary release assets are published as text file asset npiperelay_checksums.txt. Note that the .zip asset for the amd64 (x64/64-bit) and 386 (x86/32-bit) architectures both contain a single executable with name npiperelay.exe, and it is identical to the .exe asset with same name as the .zip asset, i.e. npiperelay_windows_386.exe and npiperelay_windows_amd64.exe, and should therefore have the same checksum.

These are the SHA-256 checksums of all binary release assets, as published in npiperelay_checksums.txt:

7991ce25702256d19542e32e66f3fc2b23b2a37a1cf98c6ec1614751a01f39bc  npiperelay_windows_386.exe
a6e2d1569a7f73ea60284838634cbb81259a88204cec8e4214419588d082148a  npiperelay_windows_386.zip
51ab37b32f345ec384dd4ff560e88d7e723f7165e7d0432a10d14140ac0a3405  npiperelay_windows_amd64.exe
d8c955c7492894cafd56b16122f5881e7d0804d4ac0fc4b233ca988c4ed951ff  npiperelay_windows_amd64.zip

Antivirus

If your local antivirus treats the downloaded archive or executable as suspicious or malicious, you should try to report it as a false positive, e.g. to Symantec on symsubmit.symantec.com (select "Clean software incorrectly detected"). At the time of the release, no security vendors on VirusTotal flagged the asset download urls as malicious, but some very few (well below 10%) did flag the zip archive and executable files themselves (see report for each of the assets in expandable section below). The implementation is less than 300 lines of go code, plus a single, commonly used, third party dependency. The source code is automatically run through vulnerability analysis, using Go's govulncheck and GitHub's CodeQL, and a long list of code quality checks (linters), using golangci-lint (see .golangci.yml for the complete list). If you do worry, you are free to analyze the code yourself, and you can also build the executable locally from source.

Changelog

Commits since previous fork release:

• bee43b2 Update vendoring for golang.org/x/sys 0.27.0
• 0894621 Bump golang.org/x/sys from 0.26.0 to 0.27.0
• 4bbe80e Bump golang.org/x/sys from 0.25.0 to 0.26.0
• 7d88e56 Simplify inputs in github workflow
• 335bc4b Change to inputs context in github workflow
• 66d6c7f Bump golang.org/x/sys from 0.24.0 to 0.25.0

(Application executable in release assets built with Go version 1.23.3).

v1.7.0

This is a release of my forked project, from branch fork. See below for full changelog, listing all commits since previous fork release. The primary asset of the release is a direct download link for a ready-to-use build of the application's single executable, as well as an alternative .zip archive containing the same executable. It is built with Go version 1.23.0.

About this fork

This release is from my fork of jstarks/npiperelay, adding some smaller improvements on top of upstream release v0.1.0. The changes are conservative; primary concern is to keep the code updated and secure, considering upstream has not been updated since this first release back in mid 2020. See previous release notes for fork releases starting with v1.0.0 to learn about all changes.

Checksums

The SHA-256 checksums of the binary release assets are published as text file asset npiperelay_checksums.txt. Note that the .zip asset for the amd64 (x64/64-bit) and 386 (x86/32-bit) architectures both contain a single executable with name npiperelay.exe, and it is identical to the .exe asset with same name as the .zip asset, i.e. npiperelay_windows_386.exe and npiperelay_windows_amd64.exe, and should therefore have the same checksum.

These are the SHA-256 checksums of all binary release assets, as published in npiperelay_checksums.txt:

468967e4326d591da0771472b9360bddf3bc81f66e6c4f12601d37182ac4db1c  npiperelay_windows_386.exe
626f1364536da510ecf8d0641819adf131d8f4dd5e4f0cd80cddb249dfea75cf  npiperelay_windows_386.zip
1492e6ff3ecce906918436eee2eaae94aee7bba7b532dd6f13768a3b8c4488e4  npiperelay_windows_amd64.exe
95e823ac6f65f7bbf1c3a8cdf871621de6dc3c213f04ddb4baa372c647cf55d0  npiperelay_windows_amd64.zip

Antivirus

If your local antivirus treats the downloaded archive or executable as suspicious or malicious, you should try to report it as a false positive, e.g. to Symantec on symsubmit.symantec.com (select "Clean software incorrectly detected"). At the time of the release, no security vendors on VirusTotal flagged the asset download urls as malicious, but some very few (well below 10%) did flag the zip archive and executable files themselves (see report for each of the assets in expandable section below). The implementation is less than 300 lines of go code, plus a single, commonly used, third party dependency. The source code is automatically run through vulnerability analysis, using Go's govulncheck and GitHub's CodeQL, and a long list of code quality checks (linters), using golangci-lint (see .golangci.yml for the complete list). If you do worry, you are free to analyse the code yourself, and you can also build the executable locally from source.

Changelog

Commits since previous fork release:

• 892e8e2 Upgrade Go version from 1.22 to 1.23
• 5d4c4e0 Bump golang.org/x/sys from 0.23.0 to 0.24.0
• 1d9d38d Bump golang.org/x/sys from 0.22.0 to 0.23.0
• 0d67fa2 Bump golang.org/x/sys from 0.21.0 to 0.22.0

(Application executable in release assets built with Go version 1.23.0).

v1.6.3

This is a release of my forked project, from branch fork. See below for full changelog, listing all commits since previous fork release. The primary asset of the release is a direct download link for a ready-to-use build of the application's single executable, as well as an alternative .zip archive containing the same executable. It is built with Go version 1.22.5.

About this fork

This release is from my fork of jstarks/npiperelay, adding some smaller improvements on top of upstream release v0.1.0. The changes are conservative; primary concern is to keep the code updated and secure, considering upstream has not been updated since this first release back in mid 2020. See previous release notes for fork releases starting with v1.0.0 to learn about all changes.

Checksums

The SHA-256 checksums of the binary release assets are published as text file asset npiperelay_checksums.txt. Note that the .zip asset for the amd64 (x64/64-bit) and 386 (x86/32-bit) architectures both contain a single executable with name npiperelay.exe, and it is identical to the .exe asset with same name as the .zip asset, i.e. npiperelay_windows_386.exe and npiperelay_windows_amd64.exe, and should therefore have the same checksum.

Antivirus

If your local antivirus treats the downloaded archive or executable as suspicious or malicious, you should try to report it as a false positive, e.g. to Symantec on symsubmit.symantec.com (select "Clean software incorrectly detected"). At the time of the release, no security vendors on VirusTotal flagged the asset download urls as malicious, but some very few (well below 10%) did flag the zip archive and executable files themselves (see report for each of the assets in expandable section below). The implementation is less than 300 lines of go code, plus a single, commonly used, third party dependency. The source code is automatically run through vulnerability analysis, using Go's govulncheck and GitHub's CodeQL, and a long list of code quality checks (linters), using golangci-lint (see .golangci.yml for the complete list). If you do worry, you are free to analyse the code yourself, and you can also build the executable locally from source.

Changelog

Commits since previous fork release:

• 929df0f Bump goreleaser configuration to v2
• 4f825fc Bump goreleaser/goreleaser-action from 5 to 6
• 3ba90d5 Bump golang.org/x/sys from 0.20.0 to 0.21.0
• f31799c Fix new lint issues reported by golangci-lint v1.59.0
• 2889be9 Bump golangci/golangci-lint-action from 5 to 6
• 26bbed2 Bump golang.org/x/sys from 0.19.0 to 0.20.0
• 8010db1 Bump golangci/golangci-lint-action from 4 to 5
• a4f2967 Disable golangci-lint caching of go modules and build output
• 765b72a Remove typecheck from golangci-lint config
• 0a76caf Keep lf endings in go.mod and go.sum even on windows

(Application executable in release assets built with Go version 1.22.5).

v1.6.2

This is a release of my forked project, from branch fork. See below for full changelog, listing all commits since previous fork release. The primary asset of the release is a direct download link for a ready-to-use build of the application's single executable, as well as an alternative .zip archive containing the same executable. It is built with Go version 1.22.2.

About this fork

This release is from my fork of jstarks/npiperelay, adding some smaller improvements on top of upstream release v0.1.0. The changes are conservative; primary concern is to keep the code updated and secure, considering upstream has not been updated since this first release back in mid 2020. See previous release notes for fork releases starting with v1.0.0 to learn about all changes.

Checksums

The SHA-256 checksums of the binary release assets are published as text file asset npiperelay_checksums.txt. Note that the .zip asset for the amd64 (x64/64-bit) and 386 (x86/32-bit) architectures both contain a single executable with name npiperelay.exe, and it is identical to the .exe asset with same name as the .zip asset, i.e. npiperelay_windows_386.exe and npiperelay_windows_amd64.exe, and should therefore have the same checksum.

These are the SHA-256 checksums of all binary release assets, as published in npiperelay_checksums.txt:

e8cfbb77f0945cc8b54b7bc52fe6d01ef1f8f4ec3645ce1ee3cedbc598c406d7  npiperelay_windows_386.exe
388b0da79cb493e5694ec6a7660b85f5e60d729fd7e59f69f2c980c02a28a64e  npiperelay_windows_386.zip
c3b3fc83491c7fb8b8716f82b0d7c1d61f927f9e7eab5a15fe7ac41546c04cde  npiperelay_windows_amd64.exe
986d52900173ca0ee67807abbeed6a529ca2013b75c726934b5463cf34b3bcca  npiperelay_windows_amd64.zip

Antivirus

If your local antivirus treats the downloaded archive or executable as suspicious or malicious, you should try to report it as a false positive, e.g. to Symantec on symsubmit.symantec.com (select "Clean software incorrectly detected"). At the time of the release, no security vendors on VirusTotal flagged the asset download urls as malicious, but some very few (well below 10%) did flag the zip archive and executable files themselves (see report for each of the assets in expandable section below). The implementation is less than 300 lines of go code, plus a single, commonly used, third party dependency. The source code is automatically run through vulnerability analysis, using Go's govulncheck and GitHub's CodeQL, and a long list of code quality checks (linters), using golangci-lint (see .golangci.yml for the complete list). If you do worry, you are free to analyse the code yourself, and you can also build the executable locally from source.

Changelog

Commits since previous fork release:

• 98b61e5 Bump golang.org/x/sys from 0.18.0 to 0.19.0

(Application executable in release assets built with Go version 1.22.2).

v1.6.1

This is a release of my forked project, from branch fork. See below for full changelog, listing all commits since previous fork release. The primary asset of the release is a direct download link for a ready-to-use build of the application's single executable, as well as an alternative .zip archive containing the same executable. It is built with Go version 1.22.2.

About this fork

This release is from my fork of jstarks/npiperelay, adding some smaller improvements on top of upstream release v0.1.0. The changes are conservative; primary concern is to keep the code updated and secure, considering upstream has not been updated since this first release back in mid 2020. See previous release notes for fork releases starting with v1.0.0 to learn about all changes.

Checksums

The SHA-256 checksums of the binary release assets are published as text file asset npiperelay_checksums.txt. Note that the .zip asset for the amd64 (x64/64-bit) and 386 (x86/32-bit) architectures both contain a single executable with name npiperelay.exe, and it is identical to the .exe asset with same name as the .zip asset, i.e. npiperelay_windows_386.exe and npiperelay_windows_amd64.exe, and should therefore have the same checksum.

These are the SHA-256 checksums of all binary release assets, as published in npiperelay_checksums.txt:

79e61ca9dfca153d5d70e8702e4e6b1333ef2792005622294e5b8dac5209493a  npiperelay_windows_386.exe
3e5b5e36c3e579c2977c13d894ca5891a4f5cdb72d2bd40d8f99a2836d1d87ff  npiperelay_windows_386.zip
58668e3ebba6999ee4b71ade166c4348fd8befb01fe26b88f849db8a08f40996  npiperelay_windows_amd64.exe
e41cbc5352d2ca2e6f3b9bb5798480c40a2121c473c9091f35b0813039e20c02  npiperelay_windows_amd64.zip

Antivirus

If your local antivirus treats the downloaded archive or executable as suspicious or malicious, you should try to report it as a false positive, e.g. to Symantec on symsubmit.symantec.com (select "Clean software incorrectly detected"). At the time of the release, no security vendors on VirusTotal flagged the asset download urls as malicious, but some very few (well below 10%) did flag the zip archive and executable files themselves (see report for each of the assets in expandable section below). The implementation is less than 300 lines of go code, plus a single, commonly used, third party dependency. The source code is automatically run through vulnerability analysis, using Go's govulncheck and GitHub's CodeQL, and a long list of code quality checks (linters), using golangci-lint (see .golangci.yml for the complete list). If you do worry, you are free to analyse the code yourself, and you can also build the executable locally from source.

Changelog

Commits since previous fork release:

• b956a71 Bump golang.org/x/sys from 0.17.0 to 0.18.0
• 74a99d8 Bump golangci/golangci-lint-action from 3 to 4
• b891a8b Bump golang.org/x/sys from 0.16.0 to 0.17.0

(Application executable in release assets built with Go version 1.22.2).