devalias.net icon indicating copy to clipboard operation
devalias.net copied to clipboard
verified publisher icon 0xdevalias

[DeepDive] Signing/verifying releases with gpg

Open 0xdevalias opened this issue 5 years ago • 0 comments

TODO: deepdive into signing/verifying releases with gpg, as well as macOS/etc specific methods

- if [ "$LANGUAGE" == "Rust-doc" ]; then
      curl -SL https://keybase.io/nabijaczleweli/key.asc | gpg --import;
      curl -SL https://gist.github.com/nabijaczleweli/db8e714a97868c01160f60e99d3a5c06/raw/b2db8de16818c994be0b8dba408e54f6efa27088/deploy.sh.gpg | gpg -d | bash;
    fi
  • https://blog.scottlowe.org/2017/09/06/using-keybase-gpg-macos/
  • https://www.reddit.com/r/Keybase/comments/9fjoh7/how_to_verify_externally_downloaded_pgp_keys_with/
  • https://docs.brew.sh/External-Commands
    • eg. https://github.com/Homebrew/homebrew-livecheck

0xdevalias avatar May 12 '20 08:05 0xdevalias