update readme

- this is actually for signing commits (tag) with gpg
2025-02-28 21:38:20 +03:00 · 2025-01-22 02:30:52 +03:00 · 2025-01-22 02:30:52 +03:00 · c40dd40861
commit c40dd40861
parent 855754c7e7
1 changed files with 3 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -47,6 +47,9 @@ This is the SHA fingerprint of LastPipeBender's signing key to verify downloaded
 1B:00:8D:64:BB:95:AB:47:74:D6:8B:87:F2:2B:8B:E9:A2:72:F4:92:4D:F5:20:29:D7:E6:18:38:35:D9:18:CC
 ```

+You should also check checksums in releases. Also you can compare checksums with GitHub Actions notices to ensure the apk file built with CI
+
+
 ### Project Management

 ```mermaid