This script is potentially fetched from an untrusted source and should be in good shape to be easily auditable. - Create just one TMPDIR - Improve comments - Use `cut` to extract sha256 - Use camelCase var names like in other scripts
This allows getting the hash of the latest (or some other) release using github releases and gpg verification.