On Thu, Apr 06, 2017 at 06:27:08PM -0700, William Roberts wrote: > Why not just checkout the release with git?
Because this wouldn't solve the problem or do you use signed commits in your linux-audit git repository? And even if you use signed commits I really would appreciate if you would sign the tarball and provide a hash for it on the release page. This would increase security a lot. cheers, chris
signature.asc
Description: PGP signature
-- Linux-audit mailing list [email protected] https://www.redhat.com/mailman/listinfo/linux-audit
