19 Jul
2015
19 Jul
'15
1:29 a.m.
[2015-07-19 06:52:39 +0200] Jerome Leclanche:
git tags can and should be pgp-signed, especially if the upstream is relying purely on git for releases. Is any package not covered by that?
That would certainly be the ideal way of doing things but I don't believe pacman currently knows how to verify these. Cheers. -- Gaetan