signing source code with gpg

Werner Koch wk at
Wed Mar 14 18:42:48 CET 2007

On Wed, 14 Mar 2007 18:06, jbruni at said:

> revision control system changes the content of the files it will
> invalidate the signature.

FWIW, I use this with some files and Subversion:

# Note: The subversion copy of this file carries a gpg:signature
# property with its OpenPGP signature.  Check this signature before
# adding entries:
#  f=foo; svn pg gpg:signature $f | gpg --verify - $f
# to create a new signature:
#  f=foo; gpg -sba $f && svn ps gpg:signature -F $f.asc $f



More information about the Gnupg-users mailing list