Rebrand artwork to TDE #7
Merged
SlavekB
merged 1 commits from other/artwork
into master
4 years ago
Loading…
Reference in new issue
There is no content yet.
Delete Branch 'other/artwork'
Deleting a branch is permanent. It CANNOT be undone. Continue?
See images below.
Rebrand images look good.
96781fd7e7
into master 4 years agoThank you for your contribution!
Welcome Janek!! Good to have you contributing too 😄
@jstolarek
A note and a question.
when you create a commit, could you also use the -s flag in addition to -S? It adds the sign-off clause to it.
when can I import your public GPG key from? I tried a few known gpg servers but I can't seem to find it
Ok, I think I that when I replied email notification it was sent to an unsupervised mailbox. (Maybe notification emails should have the ReplyTo field set to user's email?) So, again:
I'm new to using GPG so apologies if I didn't get everything right.
Ah, ok. I'm just relying on having
gpgsign = true
in my .gitconfig. Didn't realize the two flags aren't the same.Where can I upload it to make it publicly available? At the moment it's just added to my gitea account.
Also, I'm working on two different machines and these have their own GPG keys each. I guess that's not how it's supposed to be done (like with SSH keys) but I'm yet to figure out the Right Way of doing things with GPG.
It's not a completely unmonitored mailbox – it comes to the administrator, now to me. There are two disadvantages to using a user address as a sender:
The ideal solution would be if there was a gateway between email and TGW. Maybe we will prepare that sometime in the future…
Yes, gpg signature and signed-off-by are two separate things that have two separate options. By adding a Signed-off-by signature you express your consent to the DCO, therefore it is required.
Thanks to you uploaded your gpg key to TGW, your commits are green, because TGW knows your key and can therefore trust it.
In order for other users to verify the validity of your commits' signatures, they should be able to download your public key. Therefore, it is a good idea to upload your public key to key servers. Because GPG/PGP is based on mutual trust, it is also possible to verify and sign your key there, which will increase the credibility of your key.
The best available key server for uploading your public key seems to be http://keyserver.ubuntu.com/
The GPG key is used to verify your identity, regardless of the machine you are currently using. Its trust is increased by having your key signed by other users. Therefore, it is common to use one GPG key and carefully guard your private key.
@SlavekB, thanks for explaining all the GPG stuff. I'll probably need to do a little bit of research on my side, but my public keys should be available on the public servers. (I've seen a mention that the servers synchronize with eachother?)
All good, singature found, imported and signed 😄
Reviewers
96781fd7e7
.