Git based releases
Derek Atkins
warlord at MIT.EDU
Mon May 20 11:37:22 EDT 2013
Yawar Amin <yawar.amin at gmail.com> writes:
> On 2013-05-19, at 11:54, Geert Janssens <janssens-geert at telenet.be> wrote:
>
>> [...]
>>
>> Yours would generate an unsigned annotated tag. In the git-tag man page I found we could
>> also generate signed tags using -s or -u.
>>
>> I don't know the (dis)advantages of both methods and which one we should use then.
>
> Signed is better for a release. Unsigned can be removed any time by
> anyone, without a trace. Signed gives us an audit trail.
>
> Not to mention the benefit of a tag with a trusted OpenPGP signature.
This presumes we have a "trusted PGP Key" that we can use... Currently
we do not.
> ZZ
-derek
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord at MIT.EDU PGP key available
More information about the gnucash-devel
mailing list