Oops, I read you wrong, sorry.
Well, in this situation what matters is that the image you download from the Internet is really the image you want to download.
That is why you must check that the hash matches the image you want to download, wherever it is or whoever provides it to you. With that, the security team should rest easy, I guess!
Edit:
So, in the url
https://github.com/logseq/logseq/releases
You can find the SHA256SUMS.txt file:
https://github.com/logseq/logseq/releases/download/0.8.2/SHA256SUMS.txt
With this content:
b5c6197641f84b53ef739cb37dd8bfe291cbafdc4a415b435ef226098b1b40fb Logseq-darwin-arm64-0.8.10.dmg aa67771e6a6fdd7c0e4c2f3ca6af1285512d1da85eb497534e268e2a7fddad8a Logseq-darwin-arm64-0.8.10.zip 49568613f3fcc2c65fff9ed1796c7f24a4dcfd2d462cf5010710136bcc6361bc Logseq-darwin-x64-0.8.10.dmg e7dcd4b97d94482b91998a1288fb63ede859e9bd22a19cfa9d85a6909534e005 Logseq-darwin-x64-0.8.10.zip 637dab248e9aebc7309d0bb93d56a1e503c8f1a63079c869a4275fd24a4a0e69 Logseq-win-x64-0.8.10-full.nupkg 670ac503f6b03fc29d66f63e875bf237561afead80d0db49380d20388e021ccd Logseq-win-x64-0.8.10.exe 9fab9132457ff94d8cd3f163409c742c80c681e217e93639f23dacc1e4a695b7 Logseq-linux-x64-0.8.10.AppImage a1d6be9e472129b9598a04fecaf945095292f91c93b8f88af839510b5a3ff3a9 Logseq-linux-x64-0.8.10.zip d1a036a3f87c339311206b74a6a995afa705a41c25b66e78b2a5a0918771cf93 Logseq-android-0.8.10.apk 298a3456462f92b3d381758de436db9ae2ba337a2fe9a10071bdafeea0f47895 RELEASES
When you download a file you can check that it’s checksum it’s the same as in that list, so they is no changes in the file (or yes, if it’s different!)
You can easily find a tool for that on windows, I guess.
If you don’t want your work IP in the github’s logs, there are different options to avoid that.
- use an VPN
- use Tor
- use VPN + Tor
- go to an other place and download from there to a storage like a pendrive
- make a ssh tunnel
- ask someone to upload it to an available url to you.
- p2p
- etc