A number of packages that I maintain have GPG signatures provided alongside the sources for new releases. Is there any best pratice approach / RPM macro magic for verifying the GPG signature of sources during build, or are packagers just (re)inventing the wheel each time ?
Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :| _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org
