On Tuesday 24 February 2015 14:01:39 Adam Majer wrote: > A signed tag automatically verifies the entire history as being > authentic (up to the tag). > > - Adam > > PS. GPG signed releases would also be nice in addition to simple hash > checksums. For example, one file with ALL hashes that is then signed > would verify these hashes (and all releases) as authentic.
We can consider that for new releases. The next upcoming release is 5.5 alpha. -- Thiago Macieira - thiago.macieira (AT) intel.com Software Architect - Intel Open Source Technology Center _______________________________________________ Development mailing list [email protected] http://lists.qt-project.org/mailman/listinfo/development
