Skip Navigation
Show nav
Heroku Dev Center
  • Get Started
  • Documentation
  • Changelog
  • Search
  • Get Started
    • Node.js
    • Ruby on Rails
    • Ruby
    • Python
    • Java
    • PHP
    • Go
    • Scala
    • Clojure
  • Documentation
  • Changelog
  • More
    Additional Resources
    • Home
    • Elements
    • Products
    • Pricing
    • Careers
    • Help
    • Status
    • Events
    • Podcasts
    • Compliance Center
    Heroku Blog

    Heroku Blog

    Find out what's new with Heroku on our blog.

    Visit Blog
  • Log inorSign up
View categories

Categories

  • Heroku Architecture
    • Dynos (app containers)
    • Stacks (operating system images)
    • Networking & DNS
    • Platform Policies
    • Platform Principles
  • Command Line
  • Deployment
    • Deploying with Git
    • Deploying with Docker
    • Deployment Integrations
  • Continuous Delivery
    • Continuous Integration
  • Language Support
    • Node.js
    • Ruby
      • Rails Support
      • Working with Bundler
    • Python
      • Background Jobs in Python
      • Working with Django
    • Java
      • Working with Maven
      • Java Database Operations
      • Working with the Play Framework
      • Working with Spring Boot
      • Java Advanced Topics
    • PHP
    • Go
      • Go Dependency Management
    • Scala
    • Clojure
  • Databases & Data Management
    • Heroku Postgres
      • Postgres Basics
      • Postgres Getting Started
      • Postgres Performance
      • Postgres Data Transfer & Preservation
      • Postgres Availability
      • Postgres Special Topics
    • Heroku Data For Redis
    • Apache Kafka on Heroku
    • Other Data Stores
  • Monitoring & Metrics
    • Logging
  • App Performance
  • Add-ons
    • All Add-ons
  • Collaboration
  • Security
    • App Security
    • Identities & Authentication
    • Compliance
  • Heroku Enterprise
    • Private Spaces
      • Infrastructure Networking
    • Enterprise Accounts
    • Enterprise Teams
    • Heroku Connect (Salesforce sync)
      • Heroku Connect Administration
      • Heroku Connect Reference
      • Heroku Connect Troubleshooting
    • Single Sign-on (SSO)
  • Patterns & Best Practices
  • Extending Heroku
    • Platform API
    • App Webhooks
    • Heroku Labs
    • Building Add-ons
      • Add-on Development Tasks
      • Add-on APIs
      • Add-on Guidelines & Requirements
    • Building CLI Plugins
    • Developing Buildpacks
    • Dev Center
  • Accounts & Billing
  • Troubleshooting & Support
  • Integrating with Salesforce
  • Deployment
  • Deployment Integrations
  • Slug Checksums

Slug Checksums

English — 日本語に切り替える

Last updated March 09, 2022

Table of Contents

  • Supported algorithms
  • Computing and setting a checksum
  • Reading a checksum

Checksum verification is currently only supported by apps in Private Spaces.

To protect the integrity of slugs on the Heroku Platform, slug metadata includes a checksum. The checksum is automatically calculated and set for slugs when deploying with Git; however, the checksum can also be manually set when creating slugs via the Platform API. When releasing a slug with a checksum, the checksum is verified before the dyno is launched. If the verification fails, an R17 error will occur and the dyno will be blocked from starting.

Supported algorithms

Currently, only the SHA256 algorithm is supported.

Computing and setting a checksum

The checksum is automatically calculated and set for slugs when deploying with Git. When creating a slug directly with the Platform API, the checksum can be computed and manually set for the slug. After creating the compressed slug file, use a tool such as shasum to compute the checksum:

$ shasum --algorithm 256 slug.tgz
f34f97e65fd1f78cdab0a8c8552bd82c67441a08303e4b479f8824e5a8ec9b13  slug.tgz

The Heroku checksum format is <ALGORITHM> ":" <VALUE>. For example, the checksum computed above should be formatted as SHA256:f34f97e65fd1f78cdab0a8c8552bd82c67441a08303e4b479f8824e5a8ec9b13.

The checksum is then included in the request to create the slug:

$  curl -X POST \
-H 'Content-Type: application/json' \
-H 'Accept: application/vnd.heroku+json; version=3' \
-d '{"process_types":{"web":"bin/web"}, "checksum":"SHA256:f34f97e65fd1f78cdab0a8c8552bd82c67441a08303e4b479f8824e5a8ec9b13"}' \
-n https://api.heroku.com/apps/example/slugs

Reading a checksum

The read the checksum of an existing slug via Platform API:

$  curl -X GET \
-H 'Accept: application/vnd.heroku+json; version=3' \
-n https://api.heroku.com/apps/example/slugs/$SLUG_ID
{
  ...
  "checksum":"SHA256:f34f97e65fd1f78cdab0a8c8552bd82c67441a08303e4b479f8824e5a8ec9b13",
  ...
}

Keep reading

  • Deployment Integrations

Feedback

Log in to submit feedback.

WAR Deployment Using Terraform with Heroku

Information & Support

  • Getting Started
  • Documentation
  • Changelog
  • Compliance Center
  • Training & Education
  • Blog
  • Podcasts
  • Support Channels
  • Status

Language Reference

  • Node.js
  • Ruby
  • Java
  • PHP
  • Python
  • Go
  • Scala
  • Clojure

Other Resources

  • Careers
  • Elements
  • Products
  • Pricing

Subscribe to our monthly newsletter

Your email address:

  • RSS
    • Dev Center Articles
    • Dev Center Changelog
    • Heroku Blog
    • Heroku News Blog
    • Heroku Engineering Blog
  • Heroku Podcasts
  • Twitter
    • Dev Center Articles
    • Dev Center Changelog
    • Heroku
    • Heroku Status
  • Facebook
  • Instagram
  • Github
  • LinkedIn
  • YouTube
Heroku is acompany

 © Salesforce.com

  • heroku.com
  • Terms of Service
  • Privacy
  • Cookies
  • Cookie Preferences