On Thu, 24 Aug 2017 13:45:35 +0200
Hiltjo Posthuma <hiltjo_AT_codemadness.org> wrote:
Hey Hiltjo,
> We must have scripts for this. Generating the SHA256 checksums was
> easy. There were 2 checksums missing for surf which were fixed. If we
> automate this then there is less chance to forget anything. We should
> remove MD5 and SHA1 checksum support.
agreed, SHA256 alone is sufficient imho.
> I think it's a good idea if we start to (optionally) sign (git)
> releases. This can be discussed further.
This is something I would support! :) We could go as far to tell
dl.suckless.org to automatically generate tarballs and hashes from the
OpenPGP-signed git tags.
With best regards
Laslo
--
Laslo Hunhold <dev_AT_frign.de>
Received on Thu Aug 24 2017 - 17:38:32 CEST