Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Release notes: - Update dependencies to reflect new URLs. - No code changes.
- Loading branch information
Release notes: - Update dependencies to reflect new URLs. - No code changes.
9270322There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sorry for taking a while to reply to this. I was puzzled by what you meant, and never got around to asking why. I think I understand now.
https://github.com/github/smimesign/releases shows that v0.0.13 is "Verified", while v0.1.0 is not (I forgot to set up git signing). However, the "Verified" badge has no bearing on the uploaded assets:
That is, the four
smimesign-*build assets for each release are unsigned, and cannot be signed. GitHub only supports commit signatures forgitat the moment, and release assets live outside thegitrepository itself.This means the assets for v0.1.0 are not signed, but the assets for v0.0.13 and earlier versions are also not signed (and cannot be signed). You'll have to depend on the repo maintainers to upload the correct assets.
I've made a note to see if we can make this less confusing, but I thought I'd clarify here.
9270322There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
9270322There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We restored signed builds for Windows with https://github.com/github/smimesign/releases/tag/v0.1.1
If anyone was relying on that, please try out those builds and let us know if it worked!