tried out hugo recently and was impressed
would like to use it on macOS but noticed there are no gpg signatures on the hugo website, like open source software usually has. and so i’m doubtful there are the native macOS equivalent signatures ? am i wrong about that ?
seems weird to just download random binaries from websites and execute them, like the 90s/00s… ? it wouldn’t take long to add signatures to the build server
sure, i can build from source, but the source code is pretty big, and i don’t know if it is appropriate for a compiled language to compile without any source signatures
the world has gone kind of crazy over https, but it doesn’t really do much