cayenne-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nikita Timofeev <ntimof...@objectstyle.com>
Subject Re: [VOTE] 4.0.M5 release v2
Date Mon, 06 Mar 2017 09:26:04 GMT
Hi all,

As we have everything required for the M5 release I'm going to
complete it today.

Thank you for your votes and ideas!

On Thu, Mar 2, 2017 at 4:49 PM, Aristedes Maniatis <ari@maniatis.org> wrote:
> On 2/3/17 8:51pm, Andrus Adamchik wrote:
>>
>>
>>> On Mar 2, 2017, at 11:55 AM, Aristedes Maniatis <ari@maniatis.org> wrote:
>>>
>>> Would it help if we set up a Jenkins job to create the build artifacts then we
have an easier to verify chain from source checkout to artifact creation?
>>
>> It most certainly will. How do we sign the files though?
>
> There can still be a step of downloading the files from jenkins, signing and uploading.
md5 hashes are still there for verifying the Jenkins output is intact.
>
> I'm not sure how we verify that Jenkins itself isn't compromised, but perhaps we can
ask what others do.
>
>
> Ari
>
>
>
> --
> -------------------------->
> Aristedes Maniatis
> GPG fingerprint CBFB 84B4 738D 4E87 5E5C  5EFA EF6A 7D2E 3E49 102A



-- 
Best regards,
Nikita Timofeev

Mime
View raw message