search

freedomofpress / securedrop-builder

Packaging logic for building SecureDrop-related Debian packages
GNU General Public License v3.0
7 stars 11 forks source link

Verify sha256sums.txt and signatures in CI #498

Closed legoktm closed 6 months ago

legoktm commented 6 months ago

Avoids a situation like https://github.com/freedomofpress/securedrop-builder/pull/497#issuecomment-2073826834, where wheels are updated, but the sha256sums and associated signatures are not.

Test plan