Closed DiagonalArg closed 9 years ago
Why? Anyone can inspect the content of any commit. There's nowhere for malicious code to hide.
If you trust me but can't inspect the code yourself, you should be using the rpm version, which I do sign with my gpg key.
What about packagers who would like to take your code, who would trust you, but not necessarily whole github and its cloud hosting provider.
@ryran, please sign it, i'd love to see @adrelanos include Pyrite when Whonix 8 finally goes stable. Update: just checked, Whonix 8 is here! Awesome! All the problems on 7 were becoming too much for me.
I can't believe a whole year went by ... more. Closing as dupe of #7. I really do plan to look into this next month. Will comment there if I need help.
Finally done.
https://github.com/ryran/pyrite/releases/tag/v1.0.2
I'll be using signed tags from now on, as well as signing all commits.
Dude! Thank you. Great little project, by the way ...
You should sign your code, man. Or at least give us some hashes.
(Thanks for your work!)