[ClusterLabs Developers] [RFC] Time to migrate authoritative source forge elsewhere?

Jan Pokorný jpokorny at redhat.com
Thu Jun 7 18:00:01 EDT 2018

On 04/06/18 09:23 +0200, Jan Pokorný wrote:
> As a second step, it might also be wise to start offering release
> tarballs elsewhere, preferrably OpenPGP-signed proper releases
> (as in "make dist" or the like) -- then it can be served practically
> from whatever location without imminent risk of being tampered with.

Meanwhile in Gitea land (another alternative for self-hosting):

Practical demonstration why to sign releases (tags, commits...), and
why permissions aspect of mixing proprietary and self-managed services

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <https://lists.clusterlabs.org/pipermail/developers/attachments/20180608/477492f0/attachment-0002.sig>

More information about the Developers mailing list