Re: [dev] file integrity github project

From: Nick <>
Date: Fri, 25 Aug 2017 08:38:41 +0100

Quoth Joshua Haase:
> It's not so many work if git is configured to always sign and/or the
> package build system sign by default.

Configuring git to sign every commit is a pain if you have a
passphrase on your gpg key, or it's tied to a smartcard; entering
that every time you commit makes the process a lot more annoying.
Yes, I'm sure you could configure gpg-agent to some mode to mitigate
that somewhat, but I don't think it's worth it. Just for each tag
would be fine.
Received on Fri Aug 25 2017 - 09:38:41 CEST

This archive was generated by hypermail 2.3.0 : Fri Aug 25 2017 - 09:48:18 CEST