[aur-general] checksums

Karol Babioch karol at babioch.de
Sat Oct 4 11:47:17 UTC 2014


Am 04.10.2014 um 12:54 schrieb stef204:
> What is the preferred way for me to proceed?

Use GPG to verify the integrity of the download and calculate the
checksum locally for yourself. Users of your package have to trust you
anyway, as you can basically do anything to your package, anyway.

Best regards,
Karol Babioch

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/aur-general/attachments/20141004/22c55011/attachment.bin>

More information about the aur-general mailing list