On 10/14/18 7:16 PM, Levente Polyak via aur-general wrote: > On 10/14/18 11:35 PM, Daniel Bermond via aur-general wrote: >> I usually don't use pgp on my aur packages because people tend to >> complain a lot about building issues. They fail to handle the keys and >> start complaining to the packager, and this is a big stress. When >> dealing with repository packages this is another story, of course. Since >> this was raised as a main issue, I'll be adding the pgp checks back again. >> > So let me summarize what you are saying, correct me if im wrong: > > You fully know whats all the gizzle with gpg. Instead of acting like a > trustable user who follows best practice and spreads good advice and > helps teaching people about how all this works properly you prefere to > pull the lazy card because its what? big stress? Serious? > I don't even find words to describe how untrustworthy this is to the > community to prefer to remove GPG signatures instead of educating users? > > PS: Did you hear of pinned comments? > > WOW I'm speechless at best. Sorry then. I'll be using gpg checks whenever it's available from now on.
-- Best regards, Daniel Bermond
signature.asc
Description: OpenPGP digital signature
