Implement Signing of deb and rpm Files
Closes #4 (closed)
This implements signing of the deb and rpm files. To make that work, we would have to have a "LibreWolf Maintainers" GPG key which is stored as a secret on GitLab. All maintainers should probably have access to that key. If everyone agrees with that, I can generate one.
In the end, the user could check the signatures with these commands:
gpg --import public_key.asc
dpkg-sig --verify librewolf.deb
rpm --import public_key.asc
rpm -K librewolf.rpm
This is currently the public key.
Edited by Malte Jürgens