[Nix-dev] Signed git
Vladimír Čunát
vcunat at gmail.com
Fri Feb 26 11:06:13 CET 2016
On 02/26/2016 09:55 AM, Oliver Charles wrote:
> Signed SHAs and the like give us a way to say "I am releasing this
> version, and you have a way to check that 'I' really said it".
We could point to the corresponding narinfo file. For any package
there's a signature of the build farm.
That is, assuming the ISOs are copied to the binary cache. I briefly
looked for the latest 15.09 ones, and they seem not to be there:
- latest channel revision: 922f03
- the build: http://hydra.nixos.org/build/32068791#tabs-summary
- http://cache.nixos.org/95c41wi9dqc1si96d4vhigf0p258s1mr.narinfo
--Vladimir
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3771 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.science.uu.nl/pipermail/nix-dev/attachments/20160226/7f8e26df/attachment.bin
More information about the nix-dev
mailing list