I was packaging v2018.2.2 and I noticed that there's no signature on
this tag. Is this intentional?
On Mon, Aug 13, 2018 at 03:51:35PM -0500, Andreas Kloeckner wrote:
Santiago Torres-Arias <santiago(a)archlinux.org>
I'm currently thinking of adopting the
Python-opencl package on the Arch
Linux community repositories. I noticed that there are no tarball
signatures or signed tags for the sources.
Is this intentional? I'd be more than convenient security-wise to have a
(or a set) key that I could trust when building the package :)
Thanks for the suggestion. I've started doing this on a few of my
packages (e.g. ) and will try to remember to keep it up. Feel
free to ping me if I forget. I've also started signing my email
again. The key I'll use is the same I used to sign this email.