Hi!
Up until recently I have been maintaining this project as a package for Arch Linux.
Going back to bump the version for fixing https://sourceforge.net/p/refind/discussion/general/thread/7659d4ff48/ I realized that the git repository of this project does not have any tags: https://sourceforge.net/p/refind/code/ci/master/tree/
In light of recent events (backdoor code added to the xz project and activated using a manipulated configure script in a custom (signed) source tarball) I would like to ask for the following:
Please tag releases of this project going forward and create source tarballs / prebuilt binaries from that specific tag.
The upsides for downstreams and in effect users are plenty:
- version tracking by packagers can be done using git (using regex on a url is rather cumbersome)
- project can be built from a specific git commit (downstreams will prefer this over custom source tarballs)
- the release becomes auditable (it is hard evaluating changes between the git repository and a custom source tarball if there are no tags; when building from tags, it becomes easy!)
Thanks for your work on this project!
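The auditability point in the list above, as an added example that is not part of this thread or of the rEFInd project: a POSIX shell script that checks a release tarball against the tree at a git tag, so anything present only in the tarball (the xz case: a configure script that differs from what is in git) shows up as a diff. The sample data is a constructed throwaway repository; the project name "demo", the tag v1.0 and the file names are assumptions.

```sh
#!/bin/sh
# Added example, not from the rEFInd project: check that a release tarball is
# content-identical to the tree at a git tag, so files that exist only in the
# tarball (e.g. a modified configure script) are caught before packaging.
set -eu

# verify_tarball_against_tag REPO TAG TARBALL -> returns 0 if identical, 1 otherwise.
# Assumes the tarball has one top-level directory (as `git archive --prefix` makes).
# diff -r compares file contents, not permissions.
verify_tarball_against_tag() {
    vt_work=$(mktemp -d)
    mkdir "$vt_work/tag" "$vt_work/tarball"
    # Reference tree: exactly what the tagged commit contains (the ^{tree} form
    # avoids the pax global header git adds when archiving a commit).
    git -C "$1" archive --format=tar "$2^{tree}" | tar -x -C "$vt_work/tag"
    tar -x -C "$vt_work/tarball" --strip-components=1 -f "$3"
    if diff -r "$vt_work/tag" "$vt_work/tarball"; then
        rm -rf "$vt_work"; return 0
    fi
    rm -rf "$vt_work"; return 1
}

# --- constructed sample data (hypothetical project "demo", release tag v1.0) ---
make_demo_repo() {        # prints the path of a fresh repo with one tagged release
    r=$(mktemp -d)
    git -C "$r" init -q
    printf '#!/bin/sh\necho configuring\n' > "$r/configure"
    printf 'int main(void) { return 0; }\n' > "$r/main.c"
    git -C "$r" add configure main.c
    git -C "$r" -c user.name=demo -c user.email=demo@example.invalid commit -q -m 'release 1.0'
    git -C "$r" tag v1.0
    printf '%s' "$r"
}

make_clean_tarball() {    # REPO OUT: tarball exported from the tag, as a release should be
    git -C "$1" archive --format=tar --prefix=demo-1.0/ -o "$2" v1.0
}

make_tampered_tarball() { # REPO OUT: same export, but configure edited after export
    t=$(mktemp -d)
    git -C "$1" archive --format=tar --prefix=demo-1.0/ v1.0 | tar -x -C "$t"
    echo 'echo extra step that is not in git' >> "$t/demo-1.0/configure"
    tar -c -C "$t" -f "$2" demo-1.0
    rm -rf "$t"
}

# Demonstration: the clean tarball passes, the tampered one is reported.
repo=$(make_demo_repo); clean=$(mktemp); bad=$(mktemp)
make_clean_tarball "$repo" "$clean"; make_tampered_tarball "$repo" "$bad"
verify_tarball_against_tag "$repo" v1.0 "$clean" && echo "clean tarball matches tag v1.0"
verify_tarball_against_tag "$repo" v1.0 "$bad" || echo "tampered tarball differs from tag v1.0"
```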
I do use git tag on release versions; the latest has a tag of "v.0.14.2".

@srs5694, I think you may have forgotten to push the tags.