Release tags are not signed

A portable, multi-platform, command-line driven graphing utility

Brought to you by: broeker, cgaylord, lhecking, sfeam

#302 Release tags are not signed

Milestone: None

Status: open

Owner: nobody

Labels: None

Priority: None

Updated: 2025-05-27

Created: 2025-05-27

Creator: Anonymous

Private: No

Please provide a way for me to verify the git source-code at a given release. Git provides support for GPG and ssh based tag signatures via git tag --sign .... Please publish the public key(s) used for signing on your gnuplot.info website.

Providing signatures would allow me to verify that sourceforge hasn't injected anything malicious into the source, which IMO is a valid concern given their previous behaviour.

Discussion

Ethan Merritt - 2025-05-27

Ticket moved from /p/gnuplot/bugs/2803/

Can't be converted:

_milestone:

_priority:
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Release tags are not signed

A portable, multi-platform, command-line driven graphing utility

Group

Searches

Help

#302 Release tags are not signed

Discussion