Replaces the REPLACE_ME placeholder public key in libreportal.pub and install.sh with the real LibrePortal release-signing public key (id BC92526B3ECA7F41). The secret half is held offline by the maintainer. This activates the signature-required path everywhere it was wired but inert: install.sh now REQUIRES a valid tarball signature on release installs, the updater (fetch.sh) requires it on update, and the integrity check (verify.sh) will report a real "Verified" state once a signed release is installed. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> Signed-off-by: librelad <librelad@digitalangels.vip>
3 lines
130 B
Plaintext
3 lines
130 B
Plaintext
untrusted comment: LibrePortal release signing key (id BC92526B3ECA7F41)
|
|
RWRBf8o+a1KSvF08fA3oKrVz/71D60YeF4GO66ntVeJvzAkI57sjgM1S
|