artifact attestations
From releases after the 03/10/2024 you can use the artifact_attestations
to verify the provenance of the build.
Using gh
cli you can use this command to verify the provenance of the build:
For example, using the x86_64-qbittorrent-nox
build: