|
|
|
|
|
|
by sandov
2586 days ago
|
|
|
> Things look differently if the binaries were built on a central & trusted platform or by trusted packers. How so? I believe the same principle applies for centralized distribution. How do I know the packer didn't change the code?. The same way I trust repo mantainers I can trust application developers, or any other third party. And reproducible builds are possible both in decentralized and centralized modalities of distribution. Aren't they? |
|
|