commit: 45e536f02d4b3e3dc48b60228ac345dd49a75228
parent 02193186105890e07af1160af5551198fe077437
Author: Haelwenn (lanodan) Monnier <contact@hacktivis.me>
Date: Sat, 11 Jan 2025 05:07:49 +0100
projects: drop minisign recommendation as it did some EEE
Diffstat:
2 files changed, 9 insertions(+), 3 deletions(-)
diff --git a/projects/badwolf.shtml b/projects/badwolf.shtml
@@ -14,6 +14,7 @@
<body itemscope="" itemtype="https://schema.org/SoftwareApplication">
<!--#include file="/templates/en/nav.shtml" -->
<!--#set var="baseName" value='badwolf-1.3.0' -->
+<!--#set var="signifyName" value='2021.04' -->
<main itemprop="applicationCategory" content="BrowserApplication">
<!--#include file="/projects/badwolf/nav.shtml" -->
<h1 itemprop="name">BadWolf</h1>
@@ -50,10 +51,15 @@
</ul>
<p>BadWolf is using <a href="https://semver.org/spec/v2.0.0.html">Semantic Versioning</a> with considering that the User-Interface is part of the interface stabilisation. Release branches (ie. <code>1.0.x</code>) are supported for 6 months for any bug fixes and 2 years for security fixes.</p>
<p>
- Tarball signature check: <a href="https://flak.tedunangst.com/post/signify">signify</a>/<a href="https://github.com/jedisct1/minisign">minisign</a> is the recommended tool to use, you can find my key at <a href="/releases/signify/2021-04.pub">/releases/signify/2021-04.pub</a>, you can find more info about how I manage the keyset in: <a href="/articles/Bootstrapping%20signify%20for%20my%20assets">Bootstrapping signify for my assets</a>.<br />
- The command to verify the tarball looks like this: <code><kbd>signify -V -p signify/2021-04.pub -x <!--#echo var="baseName" -->.tar.gz.sign -m <!--#echo var="baseName" -->.tar.gz</kbd></code>
+ Tarball signature check:
+ <a href="https://flak.tedunangst.com/post/signify">signify</a> (<a href="https://github.com/aperezdc/signify/">portable version maintained by Adrian Perez</a>) is the recommended tool to use.
+ You can find the key at <a href="/releases/signify/<!--#echo var="signifyName" -->.pub">/releases/signify/<!--#echo var="signifyName" -->.pub</a>,
+ you can find more info about how I manage the keyset in: <a href="/articles/Bootstrapping%20signify%20for%20my%20assets">Bootstrapping signify for my assets</a>.<br />
+
+ The command to verify the tarball looks like this: <code><kbd>signify -V -p signify/<!--#echo var="signifyName" -->.pub -x <!--#echo var="baseName" -->.tar.gz.sign -m <!--#echo var="baseName" -->.tar.gz</kbd></code>
</p>
+
<h2>Tested and supported platforms</h2>
<dl>
<dt>OS</dt>
diff --git a/projects/utils-std.shtml b/projects/utils-std.shtml
@@ -56,7 +56,7 @@
</p>
<p>
Tarball signature check:
- <a href="https://flak.tedunangst.com/post/signify">signify</a>/<a href="https://github.com/jedisct1/minisign">minisign</a> is the recommended tool to use.
+ <a href="https://flak.tedunangst.com/post/signify">signify</a> (<a href="https://github.com/aperezdc/signify/">portable version maintained by Adrian Perez</a>) is the recommended tool to use.
You can find the key at <a href="/releases/signify/<!--#echo var="signifyName" -->.pub">/releases/signify/<!--#echo var="signifyName" -->.pub</a>,
you can find more info about how I manage the keyset in: <a href="/articles/Bootstrapping%20signify%20for%20my%20assets">Bootstrapping signify for my assets</a>.<br />
