7 Apr
2017
7 Apr
'17
9:08 p.m.
Am 07.04.2017 um 17:42 schrieb Steven Allen:
Comments on the community package:
- pypi.io redirects to pypi.org. - It doesn't look like pypi.org is for production use at this point (big red warning). - My package checks the PGP signature, this one doesn't.
Just to be sure I downloaded the file from both source urls (community and AUR PKGBUILD). They have the same sha256 checksum and can both be verified with the .asc file from you PKGBUILD. So they are identical, or am I missing something? I didn't notice that there is a signature file available, of course it should be used. ;) Regards, Michael