Hi all,
If you are an Open Source software developer, for the Nym ecosystem, you may appreciate the release of yubisigner, because yubisigner’s detached signature content can’t be faked, like Comment: and untrusted-comment, in GnuPG and signify-openbsd can be faked.
yubisigner is GUI based and allows additionally to create a Merkle-Tree of your source code folder, prior uploading to your repository or website and additionally includes four popular hashes in the detached .sig file. It is advised to sign the merkle-tree.txt file as well and time stamp all .sig files with opentimestamps.
Hope you like!