Question about git signed tags

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Here's a question from one of my upstream devels. Not sure I understand exactly what he's asking but I thought I'd post here in the hope that someone can enlighten him (and me!).

"... Arch supports signed git tags. I'm hoping Fedora does too.

I'm thinking of dropping this cumbersome process (i.e: signing and pushing the .sig and .tar.gz) for the next release. Simply sign the tag and create a release out of it. Can you please do a bit of research on your side to see if that's possible?

Also, for your consideration, git now supports ssh-based signatures. I won't stop using PGP because I think distros don't support this very well but just so you know."

If we _do_ support "signed git tags" how do we code for it in the spec file? Presently I have this:

Source0: %{url}/releases/download/v%{version}/%{name}-%{version}.tar.gz
Source1: %{url}/releases/download/v%{version}/%{name}-%{version}.tar.gz.sig
Source2: 6A6B35DBE9442683.gpg

...

%prep
%gpgverify -k 2 -s 1 -d 0
%autosetup -p1



Thanks



Bob

_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Users]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux