|
|
|
|
|
|
by momentoftop
1065 days ago
|
|
|
When I started using CL 20 years ago, libraries were stored on cliki and any malicious user could put malware there. Any source you asdf-installed was generally GPG signed and the installer automatically checked signatures against your personal trust-chain. Learning CL back then was my first introduction to GPG (and Emacs, and Linux) |
|
|
Which, in practice, involved downloading GPG public keys from cliki because I didn't know every single CL developer.