b4n left a comment (geany/geany#4238) I agree with @eht16 concerns about a maliciously modified installer given SF history -- although my desperate optimism can't believe that would happen again.
However, if signing is required to look legitimate, it's a good idea to do it. Ideally we'd receive a signature separately and we include it ourselves, so we known it hasn't been tampered with. At least maybe having the unsigned version that cannot have been tempered with sounds like a useful compromise. But either way I'm fine with what you decide. -- Reply to this email directly or view it on GitHub: https://github.com/geany/geany/pull/4238#issuecomment-2955371423 You are receiving this because you are subscribed to this thread. Message ID: <geany/geany/pull/4238/c2955371...@github.com>
