Sign your gems with PGP
Remember the recent Rubygems.org vulnerability? We don’t want all that to happen again do we? But the responsibility lies partly with us, the gem developers.
We at Phusion have already signed most of our repositories and gems with our PGP key, which in turned is signed by the rubygems-openpgp CA. Will you be the next to sign?
Comments
The sign up link on one of the pages is broken. It’ll be fixed shortly. For now you can sign up using this link.
You didn’t sign this post, how can we assume you’re indeed Phusion? :)
Post a comment