|
|
|
|
|
|
by hsivonen
2963 days ago
|
|
|
Thank you. As a user, how (other than asking here) was I supposed to convince myself of the identity binding between “snapcrafters” and the GitHub org and to convince myself that trust in the correspondence between snapcraft.yaml and what I get when I install a snap is rooted in Canonical’s build service and not in trusting an individual uploader not injecting different binaries? |
|
|