Question: Is this the NuGet package

[zahirtezcan-bugs]

Is this the NuGet package for this repository? If so is there a way to make yourself the verified publisher so people can find this repository via repository link?

[shacharPash]

@chayim

[chayim]

@zahirtezcan-bugs This is the nuget package. As a result, a README has been merged in as part of #76, and will appear in the upcoming release.

I don't see a lot of open-source implementing code signing. While #77 signs things using a GPG certificate, it currently cannot be pushed to nuget.org due to this design.

[zahirtezcan-bugs]

Sorry if I was inconvenient but I am a mere simpleton when things come to security related issues. I thought the "tick" next to the a package could be easier on the uploader account side of things other than signing packages.

I thought it was related to verified: true entry in related package query. What I was asking can be seen on StackExchange.Redis package nuget page. Where they have a "tick" under package name, and have links to project website and github repository on the right side of the page.

Since this was a question other than a feature request, thanks for the answers. Feel free to close this issue whenever you deem finished.

[chayim]

@zahirtezcan-bugs all good, I'm glad you asked! I think the "tick" occurs there due to them owning the underlying prefix. I've left the code-signing item open, as we think / figure it out. Will close accordingly!