Please tag a release and gpg sign

Question

Please tag a release and gpg sign

Opened this issue 6 years ago · 1 comments

Would be great to have an official release of this tool tagged with an OpenPGP signature.
This way we can have users download and check the signature before trusting (removing the need to trust GitHUb).

I still have some minor visual formatting I'd like to do (eg: make it responsive for mobile users), but I thought I'd get this conversation started as security is more important :-)

Answer 1 · 2019-01-14T23:56:39.000Z

Agreed. Would be nice to have a folder with developer pubkeys with signature verification instructions in README.