09:00:21 -xmr-pr- erciccione opened pull request #1269: README: cleanups and updates 09:00:21 -xmr-pr- > https://repo.getmonero.org/monero-project/monero-site/-/merge_requests/1269 12:13:38 So, about the migration. We don't have many open issues, only 44. 19 of which are mine. If we don't find a quick way to transfer them i can just manually reopen all of them on github. 12:14:43 same for pull requests but easier. half are mine and the other half are abandoned or can be reopened on github 12:14:55 What about that? 12:15:22 luigi1111 could you give me triage permission on the github monero-site repo in the meantime? so i can clean up all those old issues 13:48:35 yes, soon 18:40:18 https://www.reddit.com/r/Monero/comments/fvk68v/comment/fmm2tc2 18:46:32 Good point, considering that PDFs can be vectors for malware 20:07:12 How would I go about adding a checksum/signature for the ztm pdfs? 20:16:20 You'd need to either sign them yourself and have your key added to the repo, or have someone else sign them 20:16:31 I also don't know if the PDFs are hosted on the same machine that serves the pages 20:17:11 (wouldn't matter if everyone checks signatures) 20:17:37 Reproducible PDFs is a neat idea too 20:19:39 Then nobody needs to trust that you or the signer generated the PDF directly from source 20:21:09 * sarang goes to look up information on reproducible PDFs from TeX 20:32:31 I imagine you'd need to specify version numbers for all packages 20:44:41 Yeah probably need to build in a specific container to simplify things? 20:45:02 Or be lazy and simply offer the source for people to compile if they're concerned 20:45:19 It's pretty straightforward compared to other builds :D 20:57:04 I'd be interested to hear of someone maliciously building ztm with alterations 20:59:08 I suppose the bigger threat is just replacing with a malware-laden PDF 20:59:18 Not one that's actually ZtM-like... 20:59:24 but one that includes some malware payload 20:59:43 But even so, signed hashes removes the possibility of any such situation