summaryrefslogtreecommitdiffstatshomepage
path: root/posts/img/landing-page-dark.png
diff options
context:
space:
mode:
authorWolfgang Müller2021-05-22 13:22:34 +0200
committerWolfgang Müller2021-05-22 13:22:34 +0200
commit0da8a6e3d85a98e38b1abc2499f7e7b3fe5d9534 (patch)
treeef5f061ddaecc6dee62a740ec7de297c5491fcf0 /posts/img/landing-page-dark.png
parent7d3a8b42587ba51c6f5c738d1c4c35cb7d405e20 (diff)
downloadsite-0da8a6e3d85a98e38b1abc2499f7e7b3fe5d9534.tar.gz
posts: Add guide to verify a commit from a tarball
When generating archives, git-archive(1) puts the commit ID in the global extended pax header. Therefore, an interesting side effect of signing tarballs generated with git-archive(1) is that we also implicitly sign a commit. Whilst we don't expect anyone to go through the hurdles needed to verify such a commit signature, make sure to document this case anyway.
Diffstat (limited to '')
0 files changed, 0 insertions, 0 deletions