grickle, to Horror
@grickle@mstdn.social avatar

Book Signing at The Toronto Comic Arts Festival this Saturday, May 11th! I'll be located on Floor 2, Table 2014/2015 (the @01firstsecond table) at 10:30am! Excited to sign your books and doodle in them! Hope to see all you wonderful folks there!

image/jpeg
image/jpeg

grickle, to comics
@grickle@mstdn.social avatar

Toronto!! I'll be attending TCAF this year! You'll find me at the @01firstsecond Table signing copies of my books on Saturday, May 11th! Come on by and say hi!

dpecos, to random

Are you attending a / -party? I've written a small post on how to best prepare and get ready!

Super useful as a checklist to not to forget anything!

https://danielpecos.com/2024/01/23/attending-a-pgp-gnupg-signing-party/

nono2357, to random

to on by June 2024
https://decrypt.co/210393/ledger-to-disable-blind-signing-on-dapps-by-june-2024

b0rk, to random
@b0rk@jvns.ca avatar

some miscellaneous git facts https://jvns.ca/blog/2023/10/20/some-miscellaneous-git-facts/

nabijaczleweli,
@nabijaczleweli@101010.pl avatar

@b0rk just looking at my urlview-ng tree, notes/ and remotes/ are two other very common ref namespaces
well, remotes/ is much more common, i s'pose, since git notes are kinda ass, but a common application for the latter, besides git notes on a commit in the default namespace being shown in the log and format-patch, is tarball signatures (this feature originated in cgit i think? but shart supports it as well – https://man.sr.ht/git.sr.ht/#signing-tagsx27-tarballs yielding the ".asc"-described links on https://git.sr.ht/~nabijaczleweli/urlview-ng/refs)

$ git log -2 refs/notes/signatures/tar.gz commit c87acc31ba30c057d69b845c00178d7114b74705 Author: наб Date: Sat Oct 7 12:30:17 2023 +0200 Notes added by 'git notes add' commit 4447f4055bbac8d2e494e9dc4e92ba5d6c50ca14 Author: наб Date: Sat Oct 7 12:26:24 2023 +0200 Notes added by 'git notes add' $ git show -1 refs/notes/signatures/tar.gz commit c87acc31ba30c057d69b845c00178d7114b74705 Author: наб Date: Sat Oct 7 12:30:17 2023 +0200 Notes added by 'git notes add' diff --git a/76b4072fd274bdba75006bf3965810d4014cded6 b/76b4072fd274bdba75006bf3965810d4014cded6 new file mode 100644 index 0000000..1c26784 --- /dev/null +++ b/76b4072fd274bdba75006bf3965810d4014cded6 @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCgAdFiEEfWlHToQCjFzAxEFjvP0LAY0mWPEFAmUhMzkACgkQvP0LAY0m +WPF/Fw/7BYrga+1zdXDt4Z2ZArTyoNxjrIoWAXcjWXiCxdf28RjhVMtWDTH0RLqJ +XpxEfdyQ/6W5TgxjRPxEKkbAFZNv3T8Ka+vya0zLu9a4DKe4IM053wUhEcxUS1ER +7xZSVNndHVgDYcOaHqZC+fncvJo3FtVu9SP8OyOF0TCZP+AlQHxSSIOQ20DLtGbH +dqGVnXUjlv0r/t4A9m7kATAqa9lj56iVJv+gGABdczNoxHcDeJP2gmbwkEML2lt+ +9OXPH6X5LH9ExMuOpSAnn25Coh4StD1mKQxmzK8kOtBUB4fI2V49uSNFjopBaj9P +k7ghLZS/N6hBELsqDRu8zfaf1RCiH7EVJJKrZWqH+tSs/uEjnHl7Pq6qYJM2AOq7 +LjxvPruKCuipXAIt0RG+fqYxozVy5JpiMv6N2KATG0lGH+QmwAImHopR9YKnodgv +BQZ10k/sNMX8Rbl9mIEqD0x/7ovWjyL0UUK5AoSufEtacdMAnkxelQsNohrMcYev

IzzyOnDroid, to random
@IzzyOnDroid@floss.social avatar

You've read about F-Droid's recently? Now, the repo makes use of that implementation. How, you ask?

Well: part of the process is to compare APKs and make sure they carry the signature of their authors. That's done by fdroidserver whenever the YAML file of an app has "AllowedAPKSigningKeys:" defined. APKs with not-matching signatures are rejected. That's used by my repo now to make sure updates are "legit" (and not placed to the repo by a malicious actor). (1/4)

IzzyOnDroid,
@IzzyOnDroid@floss.social avatar

Dear , take good care of your keys! Watch them like your crown jewels! Don't let them get into the wrong hands!

NO! Do NOT upload them to Github/GitLab etc. Have a good (encrypted!) backup of them – not on the disk of your development machine, but elsewhere. So should your machine crash, you'll still have them. Your code is in your repo, your keys are in a safe place – then you and those using your apps are fine! (4/4)

florenciocano, to random Spanish

Some people think that supply chain security is just and . Those are important, especially in some scenarios, but what is really important in supply chain security is taking responsibility and accountability for the security of any component that you use in your application.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • provamag3
  • kavyap
  • DreamBathrooms
  • InstantRegret
  • magazineikmin
  • thenastyranch
  • ngwrru68w68
  • Youngstown
  • everett
  • slotface
  • rosin
  • ethstaker
  • Durango
  • GTA5RPClips
  • megavids
  • cubers
  • modclub
  • mdbf
  • khanakhh
  • vwfavf
  • osvaldo12
  • cisconetworking
  • tester
  • Leos
  • tacticalgear
  • anitta
  • normalnudes
  • JUstTest
  • All magazines
    •