Feature #6136

Add gpg signatures whenever releasing ruby source tarballs

Added by Thomas Dziedzic about 2 years ago. Updated over 1 year ago.

[ruby-core:43257]
Status:Rejected
Priority:Normal
Assignee:-
Category:-
Target version:-

Description

I was one of the unfortunate people quick enough to grab the buggy version of ruby that contained bug #6040 as announced here:
http://www.ruby-lang.org/en/news/2012/02/16/ruby-1-9-3-p125-is-released/

Someone notified me that the md5sums used for our package didn't match.
It would be nice to have a gpg sig released with every ruby release so we can be sure it came from you guys without having to worry and search for rerelease notes.

History

#1 Updated by Yusuke Endoh about 2 years ago

  • Status changed from Open to Feedback

I'm not sure if I understand your problem correctly.
I guess gpg does not work for you.

Could you elaborate your situation, and explain how gpg solves your problem?

Yusuke Endoh mame@tsg.ne.jp

#2 Updated by Yusuke Endoh over 1 year ago

  • Status changed from Feedback to Rejected

No feedback. Closing.

Yusuke Endoh mame@tsg.ne.jp

Also available in: Atom PDF