Quote:
Originally Posted by evo2
Hi,
perhaps this is because the Release file doesn't contain hashes for Sources or Contents files. What tools are you using to create/populate this repo?
Evo2.
|
Is this necessary? saw some tutorials where it wasn't mentioned.
The whole repository is created through a Golang application that I have developed.
But the whole concept is the same as the one described in the documentation, to sign the Release file I use the package "github.com/ProtonMail/go-crypto/openpgp".
This is being really hard to understand because we can clearly see the gpg key signature in the file.