Implement Signing of deb and rpm Files (!9) · Merge requests · LibreWolf / Browser / Bsys5

Malte Jürgens requested to merge signing into master May 13, 2022

This implements signing of the deb and rpm files. To make that work, we would have to have a "LibreWolf Maintainers" GPG key which is stored as a secret on GitLab. All maintainers should probably have access to that key. If everyone agrees with that, I can generate one.

In the end, the user could check the signatures with these commands:

gpg --import public_key.asc
dpkg-sig --verify librewolf.deb

rpm --import public_key.asc
rpm -K librewolf.rpm

This is currently the public key.

Edited May 15, 2022 by Malte Jürgens

Implement Signing of deb and rpm Files

Merge request reports