Miro Hrončok
|
102b2bcc79
|
Verify upstream sources with GPG
This is now a recommended thing to do:
https://docs.fedoraproject.org/en-US/packaging-guidelines/#_source_file_verification
Regardless if it adds actual security, it should prevent problems like this one:
https://mail.python.org/archives/list/python-dev@python.org/message/OYNQS2BZYABXACBRHBHV4RCEPQU5R6EP/
|
2019-11-01 08:09:41 +01:00 |
|