GPG-Verification with signature possible?

(Tommy Mühle) #1

Hi guys,

it is possible to verify a package (in my case a .phar file) with a additional signature file (.phar.asc) via GPG?
I found an issue in cask-context ( but no final answer.

Thank you and best regards,

(Mike McQuaid) #2

I’m not sure about Cask but this is not possible in Homebrew itself. A SHA256 signature should provide a certain degree of verification for you.