fix(security): refresh DCG installer checksum

Dicklesworthstone · Dicklesworthstone · commit ae8a7fa722f6 · 2026-05-06T16:37:42.000-04:00
Refresh the verified-installer pin for destructive_command_guard after the Ubuntu 25.10 Docker canary observed the upstream install.sh changed again.

The canonical checksum refresh diff was limited to the generated timestamp plus the dcg entry. ACFS security verification and automated_flywheel_setup_checker --check-hashes both report all 41 installer hashes matched after the refresh.

Verification:

- ./scripts/lib/security.sh --verify --json

- automated_flywheel_setup_checker validate --path checksums.yaml --check-hashes
diff --git a/checksums.yaml b/checksums.yaml
@@ -1,4 +1,4 @@
-# checksums.yaml - Auto-generated 2026-05-06T16:15:21-04:00
+# checksums.yaml - Auto-generated 2026-05-06T16:36:52-04:00
 # Run: ./scripts/lib/security.sh --update-checksums
 
 installers:
@@ -56,7 +56,7 @@ installers:
 
   dcg:
     url: "https://raw.githubusercontent.com/Dicklesworthstone/destructive_command_guard/main/install.sh"
-    sha256: "b27f2a504c8939ede1101ba8dc90282f011634556a278b46a5f64b42d3eb477b"
+    sha256: "2b657111e08df04bf233d82809cc4a264616008f47a70eceed18a870237b9ea8"
 
   dsr:
     url: "https://raw.githubusercontent.com/Dicklesworthstone/doodlestein_self_releaser/main/install.sh"
