Eric Seidel
Eric Seidel
> Regarding this, I talked to some security colleagues, and many believe that a double integrity check ( hash ) is enough, when sending the artifact it first sends the...
Got another request for this this morning. I don't think this would be particularly hard for us to add. The hard part will be making it easy for users to...
I thought about this more, my current proposal for a first implementation: 1. We can use an existing signing and key storage solution, e.g. https://docs.aws.amazon.com/signer/latest/developerguide/Welcome.html. This would allow Shorebird to...
I appreciate the offer. We're not yet ready to work on this, but when we do we will likely write up a design doc, possibly publicly and happy to engage...
We've now begun work on this. Bryan and I wrote up a design doc today which I will share later (once we've rolled out more of this work).
Customers who are blocked on this feature, should feel welcome to reach out to me (via email or Discord). We'd be happy to discuss with you early to make sure...
We have a basic version of this implemented: https://docs.shorebird.dev/guides/patch-signing/ We would love to work with any customers interested in this to improve it for your needs.
Blog post up: https://shorebird.dev/blog/patch-signing-beta/
I would be useful to understand which versions the Runner.app and Runner.appx end up with after a normal flutter build vs. a shorebird build. It's not clear to me which...
> Having the same problem, unable to release the app because of this Would love to help. If you build with `flutter build ipa` does it work?