@node Download
@unnumbered Download
-@set VERSION 4.6
-
No additional dependencies except Python 2.7/3.x interpreter are required.
Preferable way is to download tarball with the signature:
@example
-$ [fetch|wget] http://pygost.cypherpunks.ru/pygost-@value{VERSION}.tar.xz
-$ [fetch|wget] http://pygost.cypherpunks.ru/pygost-@value{VERSION}.tar.xz.sig
-$ gpg --verify pygost-@value{VERSION}.tar.xz.sig pygost-@value{VERSION}.tar.xz
-$ xz --decompress --stdout pygost-@value{VERSION}.tar.xz | tar xf -
+$ [fetch|wget] http://www.pygost.cypherpunks.ru/pygost-@value{VERSION}.tar.zst
+$ [fetch|wget] http://www.pygost.cypherpunks.ru/pygost-@value{VERSION}.tar.zst.asc
+$ gpg --verify pygost-@value{VERSION}.tar.zst.asc pygost-@value{VERSION}.tar.zst
+$ zstd -d < pygost-@value{VERSION}.tar.zst | tar xf -
$ cd pygost-@value{VERSION}
$ python setup.py install
@end example
@include download.texi
-But also you can use pip (@strong{no} OpenPGP authentication is
-performed!) with PyPI:
-
-@example
-$ echo pygost==@value{VERSION} --hash=sha256:caa640c8d767940c6807abb618cd54c5f96015b7e81d9931cac13c405336b032 > requirements.txt
-$ pip install --requirement requirements.txt
-@end example
-
You @strong{have to} verify downloaded tarballs integrity and
authenticity to be sure that you retrieved trusted and untampered
software. @url{https://www.gnupg.org/, GNU Privacy Guard} is used
@itemize
-@item @url{https://lists.cypherpunks.ru/mailman/listinfo/gost, gost} maillist
+@item @url{http://lists.cypherpunks.ru/gost.html, gost} maillist
@item
@example
$ gpg --auto-key-locate dane --locate-keys pygost at cypherpunks dot ru
-$ gpg --auto-key-locate wkd --locate-keys pygost at cypherpunks dot ru
+$ gpg --auto-key-locate wkd --locate-keys pygost at cypherpunks dot ru
@end example
@item