search

liamzdenek / phabricator-sandstorm

Packaging of the project management software, Phabricator, for use within Sandstorm
Apache License 2.0
3 stars 1 forks source link

Link Sandstorm package to publisher's keybase key with signing statement #8

Closed zarvox closed 8 years ago

zarvox commented 8 years ago

(this is not urgent, but should probably happen before the first non-prerelease)

Right now when you go to install the Phabricator package, you see the following:

install-screenshot

Since the prereleases already include a detached signature, it'd be nice if we made use of Sandstorm's keybase integration so that Sandstorm can show the author information right in the UI at package install time. :)

https://docs.sandstorm.io/en/latest/developing/publishing-apps/#verify-your-identity describes the process through which you can GPG-sign a statement that you produced a particular package. This allows Sandstorm (via keybase integration) to show the packager's name and other Keybase-provided identity information.

liamzdenek commented 8 years ago

Resolved in 2b8020cae098ae9c49ae8946dd5dd5938a32ee76