On Thu, 23 May 2019 at 19:06, Laszlo Kishalmi <laszlo.kisha...@gmail.com> wrote: > What do we know about the NBM signing inside of Apache?
Tangentially related I know, but I've wondered whether we should also have a file hash in the catalog and validate that as well? And of course, longer term we'll also have reproducible NBM builds! :-) Hash would definitely be good for validating third-party plugins too if they're hosted elsewhere from the plugin manager catalog. Best wishes, Neil --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@netbeans.apache.org For additional commands, e-mail: dev-h...@netbeans.apache.org For further information about the NetBeans mailing lists, visit: https://cwiki.apache.org/confluence/display/NETBEANS/Mailing+lists
