|
|
|
|
|
|
by organicdeadbeef
4754 days ago
|
|
|
Something along those lines. The Linux kernel maintainers do a great job tagging releases and ensuring that they are signed appropriately. Others are less careful, and it'd be useful to know that the content you saw tagged as 0.5.9 a month ago is the same as what you see today. Git allows you to check this, but only if you keep your repository around. I can see uses extending beyond tags, where people wish to claim that code existed at a particular point in time. It's possible to fake the git metadata and push the faked commit. If your notary can say that a particular commit was public, you raise the bar from changing the system clock to inventing time travel (or hacking the notary, whichever is your cup of tea). |
|
|