Closed BrainDamage closed 2 years ago
It'd be nice if the release tarballs were pgp/gpg signed so that their authenticity and integrity could be verified independently of the host
bonus points if you could sign the release commits too, so the same could be applied to the git repository
Hey, sorry I haven't replied earlier. I'm working on this. The RPMS and debs are signed. I should get everything else signed soon.
It'd be nice if the release tarballs were pgp/gpg signed so that their authenticity and integrity could be verified independently of the host
bonus points if you could sign the release commits too, so the same could be applied to the git repository