Where are the Machine Readable Release Checksums?

I want to automate the downloading, validation, and installation of a gradle release.

I found that I can get a release here: https://downloads.gradle-dn.com/distributions/gradle-.bin.zip

However, the only place that I have found the checksums for the releases is here: Gradle | Gradle distribution and wrapper JAR checksum reference.

I don’t want to have to parse through the HTML to get the checksum for a given release.

Is there some URL from which I can get a machine readable version of this information?


The *.sha256 files are available in the same location you are downloading the zips.


Of course, if someone manages to man-in-the-middle attack the zip download then they are probably also modifying the sha256 download. So you are loosing that protection when automatically updating to a new release.

The machine readable directory with the download urls for the distributions and checksums is at Gradle Version Information. There you can get JSONs for the different release channels or all together.