Dear dwm upstream,
I'm the maintainer of the dwm Debian package.
For security reasons, it would be a good idea to provide PGP/GPG signed
release tarballs. Signature checks are automatically done by our packaging
systems and help us to determine whether a new release is trustworthy or
not before packaging it.
Users should also be able to verify the origin of a new release before
installing it.
Thanks for your work on dwm !
Regards,
Hugo Lefeuvre (hle)
--
Hugo Lefeuvre (hle) | www.owl.eu.com
4096/ ACB7 B67F 197F 9B32 1533 431C AC90 AC3E C524 065E
Received on Sat Jun 25 2016 - 15:56:35 CEST