[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Signing git tags for releases
|
From: |
Stefan Kangas |
|
Subject: |
Re: Signing git tags for releases |
|
Date: |
Wed, 8 Dec 2021 14:06:33 -0800 |
Lars Ingebrigtsen <larsi@gnus.org> writes:
> Stefan Kangas <stefan@marxist.se> writes:
>
>> I would like to suggest that we start signing git tags in our
>> repository. This would give greater confidence that a particular commit
>> is in fact the one corresponding to a particular release (e.g. the one
>> with some security fix and not an older one).
>
> I'm in favour -- I think many (most?) larger projects do it this way
> now. But I have no idea whether there's any drawbacks.
There have been no other comments within a week, besides the one from
Teemu Likonen who spotted a mistake in the patch I proposed.
If anyone has anything more to add here, there is still some time to
speak up before it is time for the second pretest. If I don't see any
further comments until then, I will go ahead with the proposed plan.
Thanks.
- Signing git tags for releases, Stefan Kangas, 2021/12/02
- Re: Signing git tags for releases, Teemu Likonen, 2021/12/03
- Re: Signing git tags for releases, Lars Ingebrigtsen, 2021/12/03
- Re: Signing git tags for releases,
Stefan Kangas <=
- Re: Signing git tags for releases, Eli Zaretskii, 2021/12/09
- Re: Signing git tags for releases, Stefan Kangas, 2021/12/26
- Re: Signing git tags for releases, Eli Zaretskii, 2021/12/26
- Re: Signing git tags for releases, Stefan Kangas, 2021/12/26
- Re: Signing git tags for releases, Eli Zaretskii, 2021/12/27