Michał Górny (he/they) ∞🙀🚂🐧 on Nostr: 90s: people create releases locally, sign them using #PGP and publish. 2024: people ...
90s: people create releases locally, sign them using #PGP and publish.
2024: people keep their code on #GitHub, use GitHub CI pipeline to create and sign releases, and use #SigStore with GitHub authorizing the signing. And then they gloat how secure and tamper-resistant their packages are.
#security
2024: people keep their code on #GitHub, use GitHub CI pipeline to create and sign releases, and use #SigStore with GitHub authorizing the signing. And then they gloat how secure and tamper-resistant their packages are.
#security