Verify the signature on dotfiles when creating a homedir#97
Conversation
|
@lrvick Ping! |
|
|
||
| cat > "${GNUPGHOME}/gpg.conf" <<EOF | ||
| # Never, ever, ever do this in your personal gpg.conf | ||
| # However, this is sane when you know use an empty GNUPGHOME |
There was a problem hiding this comment.
sane when you know use an empty
huh?
There was a problem hiding this comment.
Oops, missing word in the comment.
Thanks
|
I tested it on my Both the “good” (valid signature) case and the “unknown signer” case work. |
|
@daurnimator Any comment, now that I fixed the missing word? |
|
Can't see anything wrong with it. Not something I see the point of; but whatever, merge it. |
|
OK. @daurnimator FYI, the point of hashbang/hashbang#14 is not to trust Github ultimately. |
This is done in two steps:
HEADwhen cloning the dotfiles repo.