commit a963688fed34ce35f6b59dfe19766df7e430e59f
parent 8593a46e898e62d8d0f921c111880938fc468e27
Author: Daniel Moch <daniel@danielmoch.com>
Date: Thu, 29 Nov 2018 06:35:20 -0500
Added Contributing and Releases sections to README
Diffstat:
2 files changed, 25 insertions(+), 0 deletions(-)
diff --git a/CHANGELOG.rst b/CHANGELOG.rst
@@ -14,6 +14,8 @@ Added
- ``CHANGELOG.rst``
+- Contributing and Releases sections added to README
+
Changed
~~~~~~~
diff --git a/README.md b/README.md
@@ -35,6 +35,29 @@ $ hookmeup install
More details are available by running `hookmeup --help`.
+## Contributing
+
+Pull requests are welcome, preferably via emailed output of `git
+request-pull` sent to the maintainer (see
+[here](https://www.git-scm.com/docs/git-request-pull) for more
+information). Bug reports should also be directed to the maintainer via
+email.
+
+## Releases
+
+Release tags will always be signed with the maintainer's [PGP
+key](https://www.danielmoch.com/static/gpg.asc) (also available on any
+public
+[keyserver](https://pgp.mit.edu/pks/lookup?op=get&search=0x323C9F1784BDDD43)).
+PGP-signed versions of release tarballs and pre-built
+[wheel](https://pythonwheels.com/) packages are available on
+[PyPI](https://pypi.org/project/hookmeup/), with the signature files
+living alongside the corresponding artifact (simply append an `.asc`
+extension). Because the maintainers of PyPI do not consider PGP
+signatures to be a user-facing feature, the extension must be added
+manually in your browser's URL bar in order to download the signature
+files.
+
## Acknowledgments
hookmeup is inspired by Tim Pope's