As in the title - we *NEED* the ability to verify file integrity when downloading these installers.

GOG Checksum Lookup from xmanacollectorx or the fork from Velitar which lets you download the checksums. You'll need a browser add-on like ViolentMonkey to run user scripts.

Alternatively, you can append .xml to the download link and open that in your browser. That's the actual file link for the running or completed download (currently hosted by Fastly), not what you initially click on.

Maybe it's time to create a new thread "Ask Ice_Mage".

Seriously though, good to know.

I tend to agree. XD

Remember JMich?

I swear, when it came to questions in regard to GOG, that guy did know more than the GOG guys themselves.

Haven't seen him post anything in quite some time, though.

I guess, he did the sane thing, and removed himself from this forums (or is only reading along silently, these days).

That they're obtainable by those who know how doesn't change the fact that GOG doesn't provide them directly. It'd be very easy to add a clickable "MD5" (or something) next to file size that will display it when clicked.

But, of course, that'd imply them caring about offline installers...

GOG do provide them, just not easily, along with the exact byte size, which they also do for the extras.

Many of us use a third party downloading program that uses the GOG SDK or API. So the likes of gogcli.exe and gogrepo.py and Lgogdownloader obtain the MD5 values and or byte sizes.

If you don't wish to use one of them or the other method mentioned, then each GOG offline installer file (EXE or BIN package) contains a list of MD5 values for each file within. That is what is used for integrity checking at install time, or you can use the free program InnoExtract with the test option. Be aware though, checking each individual file can take a long time when it comes to 4 GB BIN files with thousands of files within.

This is a good idea (md5, sha-1, etc). In fact, if you search for "checksum" in the community wishlist (in the features tab) you'll find a number of entries requesting exactly this (searching for "hash" will list a few additional entries). There is a particular entry with more than 1000 votes that has comments dating back to 2012. Hopefully it won't take 10 more years until something like this is implemented.

And one can indeed get MD5 from the files in most file explorers that aren't Windows Explorer. Dolphin File Manager for example, has a checksum and hash checker built into the file properties dialogue.

That doesn't help quantify the expected hash, but it's a start.

*shrug*
> certutil -hashfile [file] [hash_type]

You never know I guess, but the issue I think, is that GOG want you to use Galaxy, which no doubt has the appropriate MD5 etc checking built in.

Checking also occurs when you install a game. So from GOG's perspective, to provide MD5 values for every download in our library pages, is just more work, that they can do without, them not having enough time as it is for all they should be doing. If you don't use the 'optional' Galaxy, then that's your problem, is no doubt their thinking.

Galaxy can not only install a game, but it can also download the Offline Installers for you. I don't like using it for either purpose, and especially consider installing with Galaxy, as not being what GOG is really about.