Sign phar file in separate file

Question

Sign phar file in separate file

eclipxe13 opened this issue 8 years ago · 3 comments

Please consider adding a detached signature to the phpstan.phar releases, so the validity of the release phar can also be verified. This would also allow installing phpstan via phive.

Answer 1 · 2017-10-28T08:15:50.000Z

Hi,
I've been looking into https://phar.io and it looks like any installable tool has to be added manually so in order for phive install phpstan to work I have to contact the authors. Is that right?

Answer 2 · 2017-10-28T19:06:44.000Z

Just make a pull request to the list repository. If you are using github releases and sign the pharmacy you are ready. El 28 oct. 2017 3:15 AM, "Ondřej Mirtes" <notifications@github.com> escribió:

…

Hi, I've been looking into https://phar.io and it looks like any installable tool has to be added manually so in order for phive install phpstan to work I have to contact the authors. Is that right? — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub <#9 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/ABNUpLGha3JQ6w2uPWjxk1flLznQ3TyTks5swuK2gaJpZM4QJ0Xk> .

Answer 3 · 2017-10-28T19:34:59.000Z

I added the asc signature to the releases over at phpstan/phpstan and sent a PR to Phive: phar-io/phar.io#23