The Lede git repositories provide no signed tags.

It is therefore difficult to verify if the downloaded repository has
been tampered with or should be trusted.

For each repository there should be at least one responsible person who
will create signed tags at regular intervals.

Best regards

Heinrich Schuchardt

Lede-dev mailing list

Reply via email to