|
|
|
|
|
|
by JamesSwift
972 days ago
|
|
|
I'm not 100% sure, but I know one benefit of content-addressed derivations is that they are secure by default. i.e. if the hash matches the build is trusted vs the traditional need to have separate "trusted signatures" and signing workflow to whitelist particular builders. |
|
|