Releases: albertony/npiperelay
v1.8.0
This is a release of my forked project, from branch fork.
In addition to the usual maintenance, this adds two new features thanks to contributions from @SunMar. Thank you very much 👏. It also upgrades to the newly released 1.24 version of Go. See below for full changelog, listing all commits since previous fork release.
The primary asset of the release is a direct download link for a ready-to-use build of the application's single executable, as well as an alternative .zip archive containing the same executable. It is built with Go version 1.24.0.
About this fork
This release is from my fork of jstarks/npiperelay, adding some smaller improvements on top of upstream release v0.1.0. The changes are conservative; primary concern is to keep the code updated and secure, considering upstream has not been updated since this first release back in mid 2020. See previous release notes for fork releases starting with v1.0.0 to learn about all changes.
Checksums
The SHA-256 checksums of the binary release assets are published as text file asset npiperelay_checksums.txt. Note that the .zip asset for the amd64 (x64/64-bit) and 386 (x86/32-bit) architectures both contain a single executable with name npiperelay.exe, and it is identical to the .exe asset with same name as the .zip asset, i.e. npiperelay_windows_386.exe and npiperelay_windows_amd64.exe, and should therefore have the same checksum.
These are the SHA-256 checksums of all binary release assets, as published in npiperelay_checksums.txt:
730780838d807d9a0e121e7e77bba2658c140c2276578d28f9608b3fbef6d0c5 npiperelay_windows_386.exe
92dcc8713578fcc1be90bc7ce7a753c7e648cef0faebccd450d62a58725b33ab npiperelay_windows_386.zip
91124fe939feb0cbcf714f91c82d706f92c2ba2de233e574300207870a6a9859 npiperelay_windows_amd64.exe
079be5515bcc150bf774170e182033f5e289a7bdfa10e514d6bf86fd0456da20 npiperelay_windows_amd64.zip
Antivirus
If your local antivirus treats the downloaded archive or executable as suspicious or malicious, you should try to report it as a false positive, e.g. to Symantec on symsubmit.symantec.com (select "Clean software incorrectly detected"). At the time of the release, no security vendors on VirusTotal flagged the asset download urls as malicious, but some very few (well below 10%) did flag the zip archive and executable files themselves (see report for each of the assets in expandable section below). The implementation is less than 300 lines of go code, plus a single, commonly used, third party dependency. The source code is automatically run through vulnerability analysis, using Go's govulncheck and GitHub's CodeQL, and a long list of code quality checks (linters), using golangci-lint (see .golangci.yml for the complete list). If you do worry, you are free to analyse the code yourself, and you can also build the executable locally from source.
Changelog
Commits since previous fork release:
- 8980a7b Upgrade Go version from 1.23 to 1.24
- 46e2047 Add -l argument to limit polling attempts to max 300 (#53)
- 2f1a607 Add support for libassuan file sockets (WinGnuPG support) (#52)
- 543dc70 Bump golang.org/x/sys from 0.29.0 to 0.30.0
(Application executable in release assets built with Go version 1.24.0).
Contributors
Assets 7
v1.7.2
This is a release of my forked project, from branch fork. See below for full changelog, listing all commits since previous fork release. The primary asset of the release is a direct download link for a ready-to-use build of the application's single executable, as well as an alternative .zip archive containing the same executable. It is built with Go version 1.23.5.
About this fork
This release is from my fork of jstarks/npiperelay, adding some smaller improvements on top of upstream release v0.1.0. The changes are conservative; primary concern is to keep the code updated and secure, considering upstream has not been updated since this first release back in mid 2020. See previous release notes for fork releases starting with v1.0.0 to learn about all changes.
Checksums
The SHA-256 checksums of the binary release assets are published as text file asset npiperelay_checksums.txt. Note that the .zip asset for the amd64 (x64/64-bit) and 386 (x86/32-bit) architectures both contain a single executable with name npiperelay.exe, and it is identical to the .exe asset with same name as the .zip asset, i.e. npiperelay_windows_386.exe and npiperelay_windows_amd64.exe, and should therefore have the same checksum.
These are the SHA-256 checksums of all binary release assets, as published in npiperelay_checksums.txt:
d746ad64301dd2c837376da69d5bdc96552230d4c37ae85d26a35f8ec5f083ea npiperelay_windows_386.exe
a347978da41f6adf3d2d1fb83fa33c741e2305578b60dcede6737acfe8e7ac49 npiperelay_windows_386.zip
39c1605c4df6c8f20c842b753d28b830d23fc302ee95148125b8fcb6834a0922 npiperelay_windows_amd64.exe
e98f1aa2b6984ab153f423f070b8ebc101c3a2050fe7c088c5969d681ddc42f9 npiperelay_windows_amd64.zip
Antivirus
If your local antivirus treats the downloaded archive or executable as suspicious or malicious, you should try to report it as a false positive, e.g. to Symantec on symsubmit.symantec.com (select "Clean software incorrectly detected"). At the time of the release, no security vendors on VirusTotal flagged the asset download urls as malicious, but some very few (well below 10%) did flag the zip archive and executable files themselves (see report for each of the assets in expandable section below). The implementation is less than 300 lines of go code, plus a single, commonly used, third party dependency. The source code is automatically run through vulnerability analysis, using Go's govulncheck and GitHub's CodeQL, and a long list of code quality checks (linters), using golangci-lint (see .golangci.yml for the complete list). If you do worry, you are free to analyse the code yourself, and you can also build the executable locally from source.
v1.7.1
This is a release of my forked project, from branch fork. See below for full changelog, listing all commits since previous fork release. The primary asset of the release is a direct download link for a ready-to-use build of the application's single executable, as well as an alternative .zip archive containing the same executable. It is built with Go version 1.23.3.
About this fork
This release is from my fork of jstarks/npiperelay, adding some smaller improvements on top of upstream release v0.1.0. The changes are conservative; primary concern is to keep the code updated and secure, considering upstream has not been updated since this first release back in mid 2020. See previous release notes for fork releases starting with v1.0.0 to learn about all changes.
Checksums
The SHA-256 checksums of the binary release assets are published as text file asset npiperelay_checksums.txt. Note that the .zip asset for the amd64 (x64/64-bit) and 386 (x86/32-bit) architectures both contain a single executable with name npiperelay.exe, and it is identical to the .exe asset with same name as the .zip asset, i.e. npiperelay_windows_386.exe and npiperelay_windows_amd64.exe, and should therefore have the same checksum.
These are the SHA-256 checksums of all binary release assets, as published in npiperelay_checksums.txt:
7991ce25702256d19542e32e66f3fc2b23b2a37a1cf98c6ec1614751a01f39bc npiperelay_windows_386.exe
a6e2d1569a7f73ea60284838634cbb81259a88204cec8e4214419588d082148a npiperelay_windows_386.zip
51ab37b32f345ec384dd4ff560e88d7e723f7165e7d0432a10d14140ac0a3405 npiperelay_windows_amd64.exe
d8c955c7492894cafd56b16122f5881e7d0804d4ac0fc4b233ca988c4ed951ff npiperelay_windows_amd64.zip
Antivirus
If your local antivirus treats the downloaded archive or executable as suspicious or malicious, you should try to report it as a false positive, e.g. to Symantec on symsubmit.symantec.com (select "Clean software incorrectly detected"). At the time of the release, no security vendors on VirusTotal flagged the asset download urls as malicious, but some very few (well below 10%) did flag the zip archive and executable files themselves (see report for each of the assets in expandable section below). The implementation is less than 300 lines of go code, plus a single, commonly used, third party dependency. The source code is automatically run through vulnerability analysis, using Go's govulncheck and GitHub's CodeQL, and a long list of code quality checks (linters), using golangci-lint (see .golangci.yml for the complete list). If you do worry, you are free to analyze the code yourself, and you can also build the executable locally from source.
Changelog
Commits since previous fork release:
- bee43b2 Update vendoring for golang.org/x/sys 0.27.0
- 0894621 Bump golang.org/x/sys from 0.26.0 to 0.27.0
- 4bbe80e Bump golang.org/x/sys from 0.25.0 to 0.26.0
- 7d88e56 Simplify inputs in github workflow
- 335bc4b Change to inputs context in github workflow
- 66d6c7f Bump golang.org/x/sys from 0.24.0 to 0.25.0
(Application executable in release assets built with Go version 1.23.3).
v1.7.0
This is a release of my forked project, from branch fork. See below for full changelog, listing all commits since previous fork release. The primary asset of the release is a direct download link for a ready-to-use build of the application's single executable, as well as an alternative .zip archive containing the same executable. It is built with Go version 1.23.0.
About this fork
This release is from my fork of jstarks/npiperelay, adding some smaller improvements on top of upstream release v0.1.0. The changes are conservative; primary concern is to keep the code updated and secure, considering upstream has not been updated since this first release back in mid 2020. See previous release notes for fork releases starting with v1.0.0 to learn about all changes.
Checksums
The SHA-256 checksums of the binary release assets are published as text file asset npiperelay_checksums.txt. Note that the .zip asset for the amd64 (x64/64-bit) and 386 (x86/32-bit) architectures both contain a single executable with name npiperelay.exe, and it is identical to the .exe asset with same name as the .zip asset, i.e. npiperelay_windows_386.exe and npiperelay_windows_amd64.exe, and should therefore have the same checksum.
These are the SHA-256 checksums of all binary release assets, as published in npiperelay_checksums.txt:
468967e4326d591da0771472b9360bddf3bc81f66e6c4f12601d37182ac4db1c npiperelay_windows_386.exe
626f1364536da510ecf8d0641819adf131d8f4dd5e4f0cd80cddb249dfea75cf npiperelay_windows_386.zip
1492e6ff3ecce906918436eee2eaae94aee7bba7b532dd6f13768a3b8c4488e4 npiperelay_windows_amd64.exe
95e823ac6f65f7bbf1c3a8cdf871621de6dc3c213f04ddb4baa372c647cf55d0 npiperelay_windows_amd64.zip
Antivirus
If your local antivirus treats the downloaded archive or executable as suspicious or malicious, you should try to report it as a false positive, e.g. to Symantec on symsubmit.symantec.com (select "Clean software incorrectly detected"). At the time of the release, no security vendors on VirusTotal flagged the asset download urls as malicious, but some very few (well below 10%) did flag the zip archive and executable files themselves (see report for each of the assets in expandable section below). The implementation is less than 300 lines of go code, plus a single, commonly used, third party dependency. The source code is automatically run through vulnerability analysis, using Go's govulncheck and GitHub's CodeQL, and a long list of code quality checks (linters), using golangci-lint (see .golangci.yml for the complete list). If you do worry, you are free to analyse the code yourself, and you can also build the executable locally from source.
Changelog
Commits since previous fork release:
- 892e8e2 Upgrade Go version from 1.22 to 1.23
- 5d4c4e0 Bump golang.org/x/sys from 0.23.0 to 0.24.0
- 1d9d38d Bump golang.org/x/sys from 0.22.0 to 0.23.0
- 0d67fa2 Bump golang.org/x/sys from 0.21.0 to 0.22.0
(Application executable in release assets built with Go version 1.23.0).
v1.6.3
This is a release of my forked project, from branch fork. See below for full changelog, listing all commits since previous fork release. The primary asset of the release is a direct download link for a ready-to-use build of the application's single executable, as well as an alternative .zip archive containing the same executable. It is built with Go version 1.22.5.
About this fork
This release is from my fork of jstarks/npiperelay, adding some smaller improvements on top of upstream release v0.1.0. The changes are conservative; primary concern is to keep the code updated and secure, considering upstream has not been updated since this first release back in mid 2020. See previous release notes for fork releases starting with v1.0.0 to learn about all changes.
Checksums
The SHA-256 checksums of the binary release assets are published as text file asset npiperelay_checksums.txt. Note that the .zip asset for the amd64 (x64/64-bit) and 386 (x86/32-bit) architectures both contain a single executable with name npiperelay.exe, and it is identical to the .exe asset with same name as the .zip asset, i.e. npiperelay_windows_386.exe and npiperelay_windows_amd64.exe, and should therefore have the same checksum.
Antivirus
If your local antivirus treats the downloaded archive or executable as suspicious or malicious, you should try to report it as a false positive, e.g. to Symantec on symsubmit.symantec.com (select "Clean software incorrectly detected"). At the time of the release, no security vendors on VirusTotal flagged the asset download urls as malicious, but some very few (well below 10%) did flag the zip archive and executable files themselves (see report for each of the assets in expandable section below). The implementation is less than 300 lines of go code, plus a single, commonly used, third party dependency. The source code is automatically run through vulnerability analysis, using Go's govulncheck and GitHub's CodeQL, and a long list of code quality checks (linters), using golangci-lint (see .golangci.yml for the complete list). If you do worry, you are free to analyse the code yourself, and you can also build the executable locally from source.
Changelog
Commits since previous fork release:
- 929df0f Bump goreleaser configuration to v2
- 4f825fc Bump goreleaser/goreleaser-action from 5 to 6
- 3ba90d5 Bump golang.org/x/sys from 0.20.0 to 0.21.0
- f31799c Fix new lint issues reported by golangci-lint v1.59.0
- 2889be9 Bump golangci/golangci-lint-action from 5 to 6
- 26bbed2 Bump golang.org/x/sys from 0.19.0 to 0.20.0
- 8010db1 Bump golangci/golangci-lint-action from 4 to 5
- a4f2967 Disable golangci-lint caching of go modules and build output
- 765b72a Remove typecheck from golangci-lint config
- 0a76caf Keep lf endings in go.mod and go.sum even on windows
(Application executable in release assets built with Go version 1.22.5).
v1.6.2
This is a release of my forked project, from branch fork. See below for full changelog, listing all commits since previous fork release. The primary asset of the release is a direct download link for a ready-to-use build of the application's single executable, as well as an alternative .zip archive containing the same executable. It is built with Go version 1.22.2.
About this fork
This release is from my fork of jstarks/npiperelay, adding some smaller improvements on top of upstream release v0.1.0. The changes are conservative; primary concern is to keep the code updated and secure, considering upstream has not been updated since this first release back in mid 2020. See previous release notes for fork releases starting with v1.0.0 to learn about all changes.
Checksums
The SHA-256 checksums of the binary release assets are published as text file asset npiperelay_checksums.txt. Note that the .zip asset for the amd64 (x64/64-bit) and 386 (x86/32-bit) architectures both contain a single executable with name npiperelay.exe, and it is identical to the .exe asset with same name as the .zip asset, i.e. npiperelay_windows_386.exe and npiperelay_windows_amd64.exe, and should therefore have the same checksum.
These are the SHA-256 checksums of all binary release assets, as published in npiperelay_checksums.txt:
e8cfbb77f0945cc8b54b7bc52fe6d01ef1f8f4ec3645ce1ee3cedbc598c406d7 npiperelay_windows_386.exe
388b0da79cb493e5694ec6a7660b85f5e60d729fd7e59f69f2c980c02a28a64e npiperelay_windows_386.zip
c3b3fc83491c7fb8b8716f82b0d7c1d61f927f9e7eab5a15fe7ac41546c04cde npiperelay_windows_amd64.exe
986d52900173ca0ee67807abbeed6a529ca2013b75c726934b5463cf34b3bcca npiperelay_windows_amd64.zip
Antivirus
If your local antivirus treats the downloaded archive or executable as suspicious or malicious, you should try to report it as a false positive, e.g. to Symantec on symsubmit.symantec.com (select "Clean software incorrectly detected"). At the time of the release, no security vendors on VirusTotal flagged the asset download urls as malicious, but some very few (well below 10%) did flag the zip archive and executable files themselves (see report for each of the assets in expandable section below). The implementation is less than 300 lines of go code, plus a single, commonly used, third party dependency. The source code is automatically run through vulnerability analysis, using Go's govulncheck and GitHub's CodeQL, and a long list of code quality checks (linters), using golangci-lint (see .golangci.yml for the complete list). If you do worry, you are free to analyse the code yourself, and you can also build the executable locally from source.
Changelog
Commits since previous fork release:
- 98b61e5 Bump golang.org/x/sys from 0.18.0 to 0.19.0
(Application executable in release assets built with Go version 1.22.2).
v1.6.1
This is a release of my forked project, from branch fork. See below for full changelog, listing all commits since previous fork release. The primary asset of the release is a direct download link for a ready-to-use build of the application's single executable, as well as an alternative .zip archive containing the same executable. It is built with Go version 1.22.2.
About this fork
This release is from my fork of jstarks/npiperelay, adding some smaller improvements on top of upstream release v0.1.0. The changes are conservative; primary concern is to keep the code updated and secure, considering upstream has not been updated since this first release back in mid 2020. See previous release notes for fork releases starting with v1.0.0 to learn about all changes.
Checksums
The SHA-256 checksums of the binary release assets are published as text file asset npiperelay_checksums.txt. Note that the .zip asset for the amd64 (x64/64-bit) and 386 (x86/32-bit) architectures both contain a single executable with name npiperelay.exe, and it is identical to the .exe asset with same name as the .zip asset, i.e. npiperelay_windows_386.exe and npiperelay_windows_amd64.exe, and should therefore have the same checksum.
These are the SHA-256 checksums of all binary release assets, as published in npiperelay_checksums.txt:
79e61ca9dfca153d5d70e8702e4e6b1333ef2792005622294e5b8dac5209493a npiperelay_windows_386.exe
3e5b5e36c3e579c2977c13d894ca5891a4f5cdb72d2bd40d8f99a2836d1d87ff npiperelay_windows_386.zip
58668e3ebba6999ee4b71ade166c4348fd8befb01fe26b88f849db8a08f40996 npiperelay_windows_amd64.exe
e41cbc5352d2ca2e6f3b9bb5798480c40a2121c473c9091f35b0813039e20c02 npiperelay_windows_amd64.zip
Antivirus
If your local antivirus treats the downloaded archive or executable as suspicious or malicious, you should try to report it as a false positive, e.g. to Symantec on symsubmit.symantec.com (select "Clean software incorrectly detected"). At the time of the release, no security vendors on VirusTotal flagged the asset download urls as malicious, but some very few (well below 10%) did flag the zip archive and executable files themselves (see report for each of the assets in expandable section below). The implementation is less than 300 lines of go code, plus a single, commonly used, third party dependency. The source code is automatically run through vulnerability analysis, using Go's govulncheck and GitHub's CodeQL, and a long list of code quality checks (linters), using golangci-lint (see .golangci.yml for the complete list). If you do worry, you are free to analyse the code yourself, and you can also build the executable locally from source.
v1.6.0
This is a release of my forked project, from branch fork. See below for full changelog, listing all commits since previous fork release. The primary asset of the release is a direct download link for a ready-to-use build of the application's single executable, as well as an alternative .zip archive containing the same executable. It is built with Go version 1.22.0.
About this fork
This release is from my fork of jstarks/npiperelay, adding some smaller improvements on top of upstream release v0.1.0. The changes are conservative; primary concern is to keep the code updated and secure, considering upstream has not been updated since this first release back in mid 2020. See previous release notes for fork releases starting with v1.0.0 to learn about all changes.
Checksums
The SHA-256 checksums of the binary release assets are published as text file asset npiperelay_checksums.txt. Note that the .zip asset for the amd64 (x64/64-bit) and 386 (x86/32-bit) architectures both contain a single executable with name npiperelay.exe, and it is identical to the .exe asset with same name as the .zip asset, i.e. npiperelay_windows_386.exe and npiperelay_windows_amd64.exe, and should therefore have the same checksum.
These are the SHA-256 checksums of all binary release assets, as published in npiperelay_checksums.txt:
f705f382ce0455be1a5e72b6b42e59f4c11deb968f0435b5f7816f41c36d78c5 npiperelay_windows_386.exe
fad2292be310250b3b5f827705dea46285adf02a7d6be6c2554fbbf9104adb2e npiperelay_windows_386.zip
01ec20a2314bfa736f5c0b8cfd393200f6fb41b99e366ef4ceb7ab76256ce14f npiperelay_windows_amd64.exe
be8e922b252a08b2a29b8251bf452dddd77e0e002e01a5e8e161911d3c4b86c1 npiperelay_windows_amd64.zip
Antivirus
If your local antivirus treats the downloaded archive or executable as suspicious or malicious, you should try to report it as a false positive, e.g. to Symantec on symsubmit.symantec.com (select "Clean software incorrectly detected"). At the time of the release, no security vendors on VirusTotal flagged the asset download urls as malicious, but some very few (well below 10%) did flag the zip archive and executable files themselves (see report for each of the assets in expandable section below). The implementation is less than 300 lines of go code, plus a single, commonly used, third party dependency. The source code is automatically run through vulnerability analysis, using Go's govulncheck and GitHub's CodeQL, and a long list of code quality checks (linters), using golangci-lint (see .golangci.yml for the complete list). If you do worry, you are free to analyse the code yourself, and you can also build the executable locally from source.
Changelog
Commits since previous fork release:
- c3c9e06 Upgrade Go version from 1.21 to 1.22
- ce139a8 Bump golang.org/x/sys from 0.15.0 to 0.16.0
- 114b012 Bump github/codeql-action from 2 to 3
- 392fa8f Bump actions/setup-go from 4 to 5
- 7907d6a Bump golang.org/x/sys from 0.13.0 to 0.15.0
- b8c8862 Fix GoReleaser changelog by fetching all history
(Application executable in release assets built with Go version 1.22.0).
v1.5.1
This is a release of my forked project, from branch fork. See below for full changelog, listing all commits since previous fork release. The primary asset of the release is a direct download link for a ready-to-use build of the application's single executable, as well as an alternative .zip archive containing the same executable. It is built with Go version 1.21.3.
About this fork
This release is from my fork of jstarks/npiperelay, adding some smaller improvements on top of upstream release v0.1.0. The changes are conservative; primary concern is to keep the code updated and secure, considering upstream has not been updated since this first release back in mid 2020. See previous release notes for fork releases starting with v1.0.0 to learn about all changes.
Checksums
The SHA-256 checksums of the binary release assets are published as text file asset npiperelay_checksums.txt. Note that the .zip asset for the amd64 (x64/64-bit) and 386 (x86/32-bit) architectures both contain a single executable with name npiperelay.exe, and it is identical to the .exe asset with same name as the .zip asset, i.e. npiperelay_windows_386.exe and npiperelay_windows_amd64.exe, and should therefore have the same checksum.
These are the SHA-256 checksums of all binary release assets, as published in npiperelay_checksums.txt:
0216c7baaf4d0572a7bed85da62079b86e23b829f04c25fe577a7dd9b1c679e0 npiperelay_windows_386.exe
3f1b09ef38a7e1dd5cd3ab8fbccf6ae0c7742ecefe764815e76d94a21a1c9937 npiperelay_windows_amd64.zip
4f29a6a758e6dd7410741c44a63428ea2e59f98f749b62b89763542cd33bdb8f npiperelay_windows_amd64.exe
ba4f92ca545edf9e57b4c03ee37408f661175e00bcbd913e2c7650f2ba5d3742 npiperelay_windows_386.zip
Antivirus
If your local antivirus treats the downloaded archive or executable as suspicious or malicious, you should try to report it as a false positive, e.g. to Symantec on symsubmit.symantec.com (select "Clean software incorrectly detected"). At the time of the release, no security vendors on VirusTotal flagged the asset download urls as malicious, but some very few (well below 10%) did flag the zip archive and executable files themselves (see report for each of the assets in expandable section below). The implementation is less than 300 lines of go code, plus a single, commonly used, third party dependency. The source code is automatically run through vulnerability analysis, using Go's govulncheck and GitHub's CodeQL, and a long list of code quality checks (linters), using golangci-lint (see .golangci.yml for the complete list). If you do worry, you are free to analyse the code yourself, and you can also build the executable locally from source.
Changelog
Commits since previous fork release:
- a50d680 Bump golang.org/x/sys from 0.12.0 to 0.13.0
- dee0642 Bump golang.org/x/sys from 0.11.0 to 0.12.0
- a325bca Bump goreleaser/goreleaser-action from 4 to 5
- 88b94c7 Skipping CodeQL when running Dependabot Pull Request check
- b8032b3 Bump actions/checkout from 3 to 4 and hide fetch progress
- a7d548c Improvements to the GoReleaser release notes template
- 8e50904 Start running vulnerability scans on schedule
- 50c0ca0 Add CodeQL (GitHub vulnerability analysis) to github workflow
- 6ce1c4e Change GitHub build workflow to use version of go from go.mod
- b932932 Reduce GitHub build workflow run time by fetching only the current commit
(Application executable in release assets built with Go version 1.21.3).
v1.5.0
This is a release of my forked project, from branch fork. See below for full changelog, listing all commits since previous fork release. The primary asset of the release is a direct download link for a ready-to-use build of the application's single executable, as well as an alternative .zip archive containing the same executable. It is built with Go version 1.21.0.
About this fork
This release is from my fork of jstarks/npiperelay, adding some smaller improvements on top of upstream release v0.1.0. The changes are conservative; primary concern is to keep the code updated and secure, considering upstream has not been updated since this first release back in mid 2020. See previous release notes for fork releases starting with v1.0.0 to learn about all changes.
Checksums
The SHA-256 checksums of the binary release assets are published as text file asset npiperelay_checksums.txt. Note that the .zip asset for the amd64 (x64/64-bit) and 386 (x86/32-bit) architectures both contain a single executable with name npiperelay.exe, and it is identical to the .exe asset with same name as the .zip asset, i.e. npiperelay_windows_386.exe and npiperelay_windows_amd64.exe, and should therefore have the same checksum.
These are the SHA-256 checksums of all binary release assets, as published in npiperelay_checksums.txt:
4752c108432382a6e77afaa3a5d9f9908e466a2cad1de4392e7f3e0775dfb1ab npiperelay_windows_amd64.exe
7f4717abcd0f2593279656d394d558a1454eba4342bec41556ffa33a8e886251 npiperelay_windows_amd64.zip
d591a5653737f7b36386978567f0fcf7760af0cb7c6f338812ddf99106bfca0b npiperelay_windows_386.zip
d81705c55a345f42f85e6559151ccae439bbf87e01cc2faafbe9899a6b969b56 npiperelay_windows_386.exe
Antivirus
If your local antivirus treats the downloaded archive or executable as suspicious or malicious, you should try to report it as a false positive, e.g. to Symantec on symsubmit.symantec.com (select "Clean software incorrectly detected"). At the time of the release, no security vendors on VirusTotal flagged the asset download urls as malicious, but some very few (well below 10%) did flag the zip archive and executable files themselves (see report for each of the assets in expandable section below). The implementation is less than 300 lines of go code, plus a single, commonly used, third party dependency. The source code is automatically run through a vulnerability analysis, using govulncheck, and a long list of code quality checks (linters), using golangci-lint (see .golangci.yml for the complete list). If you do worry, you are free to analyse the code yourself, and you can also build the executable locally from source.