On Mar 8, 2015 12:35 AM, "Todd Zullinger" <[email protected]> wrote: > But while we're on the subject, are there PGP signatures available for the cgit tarballs themselves?
I include a sha256 of the tarball in the announcement emails. Those emails are pgp signed. My pgp key is embedded in the repo, as well, and it's verifiable that all announce emails have been signed with the same key.
_______________________________________________ CGit mailing list [email protected] http://lists.zx2c4.com/mailman/listinfo/cgit
