Skip to content

Commit

Permalink
Instructions for verification to include cosign
Browse files Browse the repository at this point in the history
  • Loading branch information
@mendhak
mendhak committed Nov 7, 2024
1 parent 445a966 commit 0148f4b
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ To verify the PGP integrity and signature:

```bash
gpg --recv-key 6989CF77490369CFFDCBCD8995E7D75C76CBE9A9
gpg --verify ~/Downloads/gpslogger-71.apk.asc
gpg --verify ~/Downloads/gpslogger-132.apk.asc
```

(Experimental) To verify with [Sigstore Cosign](https://docs.sigstore.dev/cosign/system_config/installation), the command should be in the releases notes, it will look like this:
Expand All @@ -52,7 +52,7 @@ cosign verify-blob gpslogger-132.apk \
To verify the checksum:

```bash
sha256sum -c ~/Downloads/gpslogger-71.apk.SHA256
sha256sum -c ~/Downloads/gpslogger-132.apk.SHA256
```


Expand Down

0 comments on commit 0148f4b

Please sign in to comment.