limepotato/archiso
1
0
Fork 0
mirror of https://github.com/archlinux/archiso.git synced 2024-09-19 11:40:19 -06:00
Code Issues Projects Releases Packages Wiki Activity Actions

Add releases section with PGP information

Browse source 
README.rst:
Add a "Releases" section that specifies who is creating releases and which PGP key ID is used to sign tags.
Additionally, information about how to retrieve the relevant public key and how to verify a tag in the repository is
added.

Fixes #114
This commit is contained in:
David Runge 2021-03-29 21:27:44 +02:00
parent d178183c2e
commit bc007ca5f3
No known key found for this signature in database
GPG key ID: 7258734B41C31549
1 changed files with 20 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
README.rst
View file

@ -148,6 +148,26 @@ Discussion around archiso takes place on the `arch-releng mailing list
All past and present authors of archiso are listed in `AUTHORS <AUTHORS.rst>`_.
Releases
========
`Releases of archiso <https://gitlab.archlinux.org/archlinux/archiso/-/tags>`_ are created by its current maintainer
`David Runge <https://gitlab.archlinux.org/dvzrv>`_. Tags are signed using the PGP key with the ID
`C7E7849466FE2358343588377258734B41C31549`.
To verify a tag, first import the relevant PGP key:
.. code:: bash
gpg --auto-key-locate wkd --search-keys dvzrv@archlinux.org
Afterwards a tag can be verified from a clone of this repository:
.. code:: bash
git verify-tag <tag>
License
=======