Closed
Bug 1109323
Opened 10 years ago
Closed 10 years ago
Firefox for Android releases are not GPG-signed
Categories
(Release Engineering :: Release Automation, defect)
Tracking
(Not tracked)
RESOLVED
DUPLICATE
of bug 661878
People
(Reporter: bugzilla, Unassigned)
Details
User Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:34.0) Gecko/20100101 Firefox/34.0
Build ID: 20141127110442
Steps to reproduce:
Visit https://ftp.mozilla.org/pub/mozilla.org/mobile/releases/34.0/.
Actual results:
No SHA512SUMS / SHA512SUMS.asc is present.
Expected results:
There should be SHA512SUMS / SHA512SUMS.asc files so users can verify downloaded APKs using GPG.
Comment 1•10 years ago
|
||
Coop is this a dupe of bug 661878?
We don't want users on the ftp builds. They don't have an update mechanism, we suggest f-droid as a place to get the app for people who want to avoid Google. https://f-droid.org/repository/browse/?fdfilter=firefox&fdid=org.mozilla.firefox
Component: General → Release Automation
Flags: needinfo?(coop)
Product: Firefox for Android → Release Engineering
QA Contact: bhearsum
Version: Firefox 34 → unspecified
Comment 2•10 years ago
|
||
(In reply to Kevin Brosnan [:kbrosnan] from comment #1)
> Coop is this a dupe of bug 661878?
Duped.
> We don't want users on the ftp builds. They don't have an update mechanism,
> we suggest f-droid as a place to get the app for people who want to avoid
> Google.
> https://f-droid.org/repository/browse/?fdfilter=firefox&fdid=org.mozilla.
> firefox
We want a signature internally to verify downloads as well, so I don't think there's any harm in providing the signature if we aren't going to hide the builds.
Status: UNCONFIRMED → RESOLVED
Closed: 10 years ago
Flags: needinfo?(coop)
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•