Closed pocelka closed 4 months ago
The packaging tool seems to support it: https://vv9k.github.io/pkger/signing.html I'll take a look at it at some point
Implemented in #276
Note that by default dnf doesn't check signatures of manually downloaded rpm packages, and if you enable it, you also have to manually import the public key with rpm --import lact.pubkey
(the pubkey file will be included with new releases)
Would it be possible to sign RPMs for fedora? I was installing this nice piece of software using Ansible and I was getting:
So far I disabled checking for GPG in my playbook but it would be nice to have without this; as this could be considered as a security issue.