On Thu, 23 May 2019 at 19:06, Laszlo Kishalmi <[email protected]> wrote: > What do we know about the NBM signing inside of Apache?
Tangentially related I know, but I've wondered whether we should also have a file hash in the catalog and validate that as well? And of course, longer term we'll also have reproducible NBM builds! :-) Hash would definitely be good for validating third-party plugins too if they're hosted elsewhere from the plugin manager catalog. Best wishes, Neil --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] For further information about the NetBeans mailing lists, visit: https://cwiki.apache.org/confluence/display/NETBEANS/Mailing+lists
