[bisq-network/bisq] Extend build script with ability to verify tor binaries delivered with netlayer (#4593)

chimp1984 notifications at github.com
Sat Oct 3 16:30:27 UTC 2020


Thats pretty bad practice IMO. We should keep a repo with historical data so anyone can verify it. To add a new repo where we add the official binaries and hash/sigs for each version Bisq uses would be good. As it seems current tor verion used cannot be verified I would suggest to update to one which we can verify asap. To maybe fork the netlayer project to bring it more under our own control might be good as well. We should remove those dependencies to 3rd party projects as far we can. Not sure if the dependency to cedrics repo is essential there as well, but that might be another candidate to look into how that is integrated in details.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/bisq-network/bisq/issues/4593#issuecomment-703129174
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bisq.network/pipermail/bisq-github/attachments/20201003/15ad8c98/attachment.html>


More information about the bisq-github mailing list