6 Jul
2017
6 Jul
'17
7:46 a.m.
On 07/06/2017 09:44 AM, NicoHood wrote:
And yes, I am doing stuff in the background. I wrote a guide and a tool that simplifies source code signing[1] and I am doing a detailed security analysis on all ArchLinux packages. And once it is ready I will request gpg signatures from every upstream source, especially packages from [core].
Forgot the reference: [1] https://github.com/NicoHood/gpgit