[LEDE-DEV] Signed tags missing in Git repositories

Heinrich Schuchardt xypron.glpk at gmx.de
Tue Oct 18 13:43:59 PDT 2016

Previous message (by thread): [LEDE-DEV] [RFC] dwr-512: Image Cracking
Next message (by thread): [LEDE-DEV] [PATCH] base-files: sysfixtime: Allow system time in local timezones
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The Lede git repositories provide no signed tags.

It is therefore difficult to verify if the downloaded repository has
been tampered with or should be trusted.

For each repository there should be at least one responsible person who
will create signed tags at regular intervals.

Best regards

Heinrich Schuchardt

Previous message (by thread): [LEDE-DEV] [RFC] dwr-512: Image Cracking
Next message (by thread): [LEDE-DEV] [PATCH] base-files: sysfixtime: Allow system time in local timezones
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Lede-dev mailing list