On 2018-01-04, David Gibson wrote: > Hi everyone. There have been a number of useful bugfixes added to the > dtc tree since v1.4.5, so I decided to tag another release. Thanks for all the work on dtc! > The signed tag is in the master git tree at: > > git://git.kernel.org/pub/scm/utils/dtc/dtc.git I'm not seeing a signed tag for v1.4.6, and it doesn't appear in the web interface either: https://git.kernel.org/pub/scm/utils/dtc/dtc.git/refs/tags > Or you can download tarballs from: > > https://www.kernel.org/pub/software/utils/dtc/ Fortunately, commit:e54388015af1fb4bf04d0bca99caba1074d9cc42 appears to be consistent with the contents of the 1.4.6 tarballs. On a related note, I was wondering if it would be possible to have the compressed tarballs have their own signature: https://www.kernel.org/pub/software/utils/dtc/dtc-1.4.6.tar.sign Only validates against the uncompressed tarball, which makes verification of the signature a bit more complicated, having to decompresss the tarball before verification. It also means I can not include the signature file in the Debian archive, as the signature needs to verify against the compressed tarball in the Debian archive. For this reason especially, it would be nice to have dtc-X.Y.Z.tar.xz.sign available as well. Thanks for considering! Please CC me in replies; I'm not subscribed to the list. live well, vagrant
Attachment:
signature.asc
Description: PGP signature
