You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
For future releases, could you provide signed sources for authenticity, Github can republish sources at any time, it allows packagers to ensure the tarball they downloaded was what the developer released, and has not been modified.
Should be as simple as uploading a detached signature of the tarball Github makes.
Thank you,
Polarian
The text was updated successfully, but these errors were encountered:
Description
Hello,
For future releases, could you provide signed sources for authenticity, Github can republish sources at any time, it allows packagers to ensure the tarball they downloaded was what the developer released, and has not been modified.
Should be as simple as uploading a detached signature of the tarball Github makes.
Thank you,
Polarian
The text was updated successfully, but these errors were encountered: