Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Sign PHAR #244

Open
sebastianbergmann opened this issue Jun 15, 2020 · 5 comments
Open

Sign PHAR #244

sebastianbergmann opened this issue Jun 15, 2020 · 5 comments
Labels
enhancement

Comments

@sebastianbergmann
Copy link

sebastianbergmann commented Jun 15, 2020
edited
Loading

Because the PHP Archives (PHARs) of this tool are currently not signed, the --force-accept-unsigned option is required when using Phive to install/update this tool.

Please consider signing the PHP Archives (PHARs) of this tool with a GPG key and publish that signature alongside the signed PHAR so that --force-accept-unsigned is not required when using Phive.

Thank you!
@Ocramius
Copy link
Member

Possibly feasible once we move to github actions, and then we can use an organization secret where to store a GPG signing (sub-)key

@Ocramius Ocramius added this to the 5.0.0 milestone Jun 15, 2020
@sebastianbergmann sebastianbergmann mentioned this issue Jun 15, 2020
Closed
@sebastianbergmann
Copy link
Author

Thank you for considering this!

@Ocramius Ocramius modified the milestones: 5.0.0, 5.1.0 Jun 22, 2020
@sebastianbergmann
Copy link
Author

The 5.0.0 release does not have a PHAR (yet). Will one be published? Thanks!

@Ocramius
Copy link
Member

Guess something broke (AGAIN) in the travis publishing logic.

@Ocramius
Copy link
Member

@sebastianbergmann for now, I attached a manually built phar to the release @ https://github.com/Roave/BackwardCompatibilityCheck/releases/tag/5.0.0

@Ocramius Ocramius mentioned this issue May 13, 2021
Merged
@Ocramius Ocramius modified the milestones: 5.1.0, 6.0.0 Nov 5, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@sebastianbergmann @Ocramius