Keybase is a website. Under the hood, you can use classic gpg (that's what I do). See https://keybase.io/melix
2015-07-10 12:34 GMT+02:00 jim northrop <[email protected]>: > Cedric do u have a link to key base tools pls ? > > > On Thursday, 9 July 2015, Cédric Champeau <[email protected]> > wrote: > >> For the signature, I'm using keybase, which is a public web of trust. >> Just click the link that the signature check gives you. >> >> 2015-07-09 23:17 GMT+02:00 Pascal Schumacher <[email protected]>: >> >>> +1 >>> >>> >gradle test dist >>> BUILD SUCCESSFUL >>> >>> unziped binDist: groovysh runs; can compile and run a script >>> >>> signature looks o.k.: >>> >gpg --verify apache-groovy-src-2.4.4-incubating.zip.asc >>> apache-groovy-src-2.4.4-incubating.zip >>> gpg: Signatur vom 07/09/15 22:06:32 Mitteleuropõische Sommerzeit mittels >>> RSA-Schlüssel ID D6BDB924 >>> gpg: Korrekte Signatur von "keybase.io/melix <[email protected]>" >>> [unbekannt] >>> gpg: WARNUNG: Dieser Schlüssel trägt keine vertrauenswürdige Signatur! >>> gpg: Es gibt keinen Hinweis, daß die Signatur wirklich dem >>> vorgeblichen Besitzer gehört. >>> Haupt-Fingerabdruck = 3312 24E1 D7BE 883D 16E8 A685 825C 06C8 27AF 6B66 >>> Unter-Fingerabdruck = 0191 E61A CBBE 7632 3AC1 5C83 B5AD 94BD D6BD B924 >>> >>> I guess real name and trusted signature would be nice. ;) >>> >>> Big thanks to Cédric for doing the work. >>> >>> Cheers, >>> Pascal >>> >>> >>> Am 09.07.2015 um 22:29 schrieb Cédric Champeau: >>> >>> Dear community, >>> >>> This is our second attempt to release Apache Groovy 2.4.4 after a first >>> missed released a few weeks ago. Since our last try, we fixed the problems >>> that were highlighted by our mentors. In particular, we removed the last >>> jars from the source distribution, we fixed the missing headers and >>> relicensed the documentation to ALv2. >>> >>> The changelog for this release can be found here: >>> <https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318123&version=12331941> >>> https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12318123&version=12331941 >>> >>> Tag for the release: >>> https://git1-us-west.apache.org/repos/asf?p=incubator-groovy.git;a=commit;h=716b0b1bd56eeab04e4441eecc91c2cd8bfda8b6 >>> <https://git1-us-west.apache.org/repos/asf?p=incubator-groovy.git;a=tag;h=19f70958f39f0cc5c6b4d3e9471fd297400647d2> >>> >>> The artifacts to be voted on are located here: >>> <http://people.apache.org/%7Ecchampeau/groovy/> >>> http://people.apache.org/~cchampeau/groovy/ >>> >>> Release artifacts are signed with the following keys: >>> <http://people.apache.org/%7Ecchampeau/groovy/KEYS> >>> http://people.apache.org/~cchampeau/groovy/KEYS >>> >>> It is expected that mentors or PPMC members check at least checksums and >>> signatures, and of course much better if you can also verify the source >>> package. >>> >>> Please vote on releasing this package as Apache Groovy 2.4.4-incubating. >>> >>> The vote is open for the next 72 hours and passes if a majority of at >>> least three +1 PPMC votes are cast. >>> >>> [ ] +1 Release Apache Groovy 2.4.4-incubating >>> [ ] 0 I don't have a strong opinion about this, but I assume it's ok >>> [ ] -1 Do not release Apache Groovy 2.4.4-incubating because... >>> >>> Here is my vote: >>> >>> +1 (binding) >>> >>> >>> >>
