Project

General

Profile

Feature #6136

Add gpg signatures whenever releasing ruby source tarballs

Added by Thomas Dziedzic about 4 years ago. Updated over 3 years ago.

Status:
Rejected
Priority:
Normal
Assignee:
-
[ruby-core:43257]

Description

I was one of the unfortunate people quick enough to grab the buggy version of ruby that contained bug #6040 as announced here:
http://www.ruby-lang.org/en/news/2012/02/16/ruby-1-9-3-p125-is-released/

Someone notified me that the md5sums used for our package didn't match.
It would be nice to have a gpg sig released with every ruby release so we can be sure it came from you guys without having to worry and search for rerelease notes.

History

#1 [ruby-core:43936] Updated by Yusuke Endoh about 4 years ago

  • Status changed from Open to Feedback

I'm not sure if I understand your problem correctly.
I guess gpg does not work for you.

Could you elaborate your situation, and explain how gpg solves your problem?

--
Yusuke Endoh mame@tsg.ne.jp

#2 [ruby-core:49729] Updated by Yusuke Endoh over 3 years ago

  • Status changed from Feedback to Rejected

No feedback. Closing.

--
Yusuke Endoh mame@tsg.ne.jp

Also available in: Atom PDF