Version 1.0 (Aug 15, 2014)
Sources (gzip) src weechat-1.0.tar.gz (3.1 MB, sha1: b57cf1cfb2e45c1ba37432035419fb8800af47f5, gpg sig)
Sources (bzip2) src weechat-1.0.tar.bz2 (2.2 MB, sha1: d3070ffde05cb706d615144e71f933153871894d, gpg sig)
About release
ChangeLog doc ChangeLog-1.0.html
Release notes doc ReleaseNotes-1.0.html

Checking the signatures

  • Import the gpg key:
    $ gpg --keyserver wwwkeys.pgp.net --recv-keys DEC408F8
  • Display the fingerprint:
    $ gpg --fingerprint DEC408F8
  • Check that the fingerprint is correct by asking to a developer on #weechat (irc.freenode.net).
  • Trust the key:
    $ gpg --edit-key DEC408F8
    $ trust
  • In directory with package + signature:
    $ gpg --verify weechat-X.Y.Z.tar.gz.asc
  • If the signature is OK you should see a message like this one:
    gpg: Signature made Sat 20 Oct 2012 07:36:35 PM CEST using RSA key ID DEC408F8
    gpg: Good signature from "WeeChat (signing key) <webmaster@weechat.org>"