Skip to content

Commit

Permalink
DOC: update Security page
Browse files Browse the repository at this point in the history 
PyPI does not host detached PGP signatures anymore.
  • Loading branch information
@dnicolodi
dnicolodi committed Jul 15, 2023
1 parent 6bdb6d0 commit d3f0854
Showing 1 changed file with 5 additions and 14 deletions.
19 changes: 5 additions & 14 deletions docs/security.rst
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,25 +9,16 @@
Security
********

Distributors are recommended to fetch release sources via the Git_ tags on our
repository_, or the source distributions on the `meson-python PyPI page`_, both
Distributors are recommended to fetch release sources via the Git tags
on our repository_, or the source distributions on `PyPI`_. Git tags
are PGP-signed with one of the following keys:

- |3DCE51D60930EBA47858BA4146F633CBB0EB4BF2|_ *(Filipe Laíns)*
- |52BDC33FD1FBAB569D47FFA923D9E5499A08BDC5|_ *(Ralf Gommers)*
- |3DCE51D60930EBA47858BA4146F633CBB0EB4BF2|_ Filipe Laíns
- |52BDC33FD1FBAB569D47FFA923D9E5499A08BDC5|_ Ralf Gommers


.. admonition:: Fetching artifact signatures from PyPI_
:class: hint

To fetch the PGP signatures for artifacts on PyPI_, simply add ``.asc`` to
the artifact URL.


.. _Git: https://git-scm.com/
.. _repository: https://github.com/mesonbuild/meson-python
.. _meson-python PyPI page: https://pypi.org/project/meson-python/
.. _PyPI: https://pypi.org/
.. _PyPI: https://pypi.org/project/meson-python/

.. |3DCE51D60930EBA47858BA4146F633CBB0EB4BF2| replace:: ``3DCE51D60930EBA47858BA4146F633CBB0EB4BF2``
.. _3DCE51D60930EBA47858BA4146F633CBB0EB4BF2: https://keyserver.ubuntu.com/pks/lookup?op=get&search=0x3dce51d60930eba47858ba4146f633cbb0eb4bf2
Expand Down

0 comments on commit d3f0854

Please sign in to comment.