3 Jun
2008
3 Jun
'08
6:59 a.m.
Am Dienstag 03 Juni 2008 01:46:11 schrieb Geoffroy Carrier:
We have to think about the default interaction. It would be easy to sign all packages as the first step, so excepting signed packages for the first pacman release including GPG support seems fair to me. I think asking confirmation from the user in case packages are not signed, like apt tools do.
First: great work and thanks for starting the gpg-signing in pacman. Imho we should force devs to sign packages by default. Because the whole thing will become useless if only one single package in our repos is not signed. Pierre -- archlinux.de