You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
As the package maintainer of this in Arch Linux I would appreciate to maintaining the chain of trust with PGP signatures on commits / tags. This can be handled from the Arch Linux build tools and can automatically validate PGP public key of the author of the commit.
Tasks:
Sign commits and tags of releases
Mention the public keys used for signing the above in README or any other file within the repository so downstream systems can validate independently.
Add any new maintainers who can release on the above list (future)
Thank you
The text was updated successfully, but these errors were encountered:
Hi 馃憢
As the package maintainer of this in Arch Linux I would appreciate to maintaining the chain of trust with PGP signatures on commits / tags. This can be handled from the Arch Linux build tools and can automatically validate PGP public key of the author of the commit.
Tasks:
Thank you
The text was updated successfully, but these errors were encountered: