Dne 20. 10. 22 v 21:40 rsbecker@xxxxxxxxxxxxx napsal(a): > As I see it, if git commit signatures become a requirement (maybe > resulting from supply chain discussions), then using existing > capabilities may be the most practical alternative. This would > involve submitting signed commits in pull request via GitHub instead > of emailing patches. I know this is not a desirable position for the > git team, but it is currently available technology. In a pinch, that > could satisfy the requirement. I just think that this future is much closer than one would think. I think that for example electronic signatures and hashes are one of reasons why even SUSE is probably now going to ditch osc as a versioning system and switch to git (yay! \o/). Our partners just forced us to do so. And I really liked the true independence of git distributed development. Best, Matěj -- https://matej.ceplovi.cz/blog/, Jabber: mcepl@xxxxxxxxxx GPG Finger: 3C76 A027 CA45 AD70 98B5 BC1D 7920 5802 880B C9D8 Every true American would rather see this land face war than see her flag lowered in dishonor. -- The Episcopal bishop of New York, William Manning, 1916
Attachment:
OpenPGP_0x79205802880BC9D8.asc
Description: OpenPGP public key
Attachment:
OpenPGP_signature
Description: OpenPGP digital signature
