So you deliver your awesome library to hundreds of users each day, but they’re a tough bunch and they’re all like:
“Hey man, we gotta see some ID”
So you kneel to the whims of the rabble; you generate your GPG key pair and sign each artifact you deliver, because hell if you’re gonna let someone miss out on your superb code
And let there be no mistake – this road means pain, brother.
Wanna use some organization-wide key pairs? How do you plan to safely share them around?
Wanna make sure all products are properly signed? Good luck configuring each and every of your hundred or so builds!
But this is where Bintray swoops in like The Dark Knight, man! To save you from those GPG signing street gangs!
Because unlike the technological promises made by the second millennium (flying cars and whatnot), Bintray took an oath and…
View original post 271 more words