On 20/02/11 21:47, Daniel Mendler wrote:
Hi Allan
As far as I am concerned, the major points on the TODO list that need patches are the first five for pacman:
TODO: fix (and refactor) reading signatures for packages installed with -U TODO: have a way to force a signature check with -U (i.e. abort if no signature is found) TODO: only replace old database when signature is valid TODO: output when downloading signature file - name when downloaded TODO: output when downloading signature file - "error" when not available
I have a patch for the third point. Can you please clarify the last two points? Do you think the output is too verbose (two download progress bars with the same name etc, and two error messages in case of error)?
Some examples of what those last two points cover: 1) VerifySig = Always, valid signature: :: Synchronizing package databases... pacman 1.0K 381.6K/s 00:00:00 [######################] 100% pacman 0.3K 14.4M/s 00:00:00 [######################] 100% kernel64 1.5K 42.2M/s 00:00:00 [######################] 100% Two download bars with the same name - the second should be something like pacman.sig 2) VerifySig = Always, no signature available: :: Synchronizing package databases... pacman 1.0K 317.1K/s 00:00:00 [######################] 100% error: failed retrieving file 'pacman.db.sig' from disk : No such file or directory error: Failed to download signature for db: No such file or directory error: failed to update pacman (invalid PGP signature) kernel64 1.5K 55.1M/s 00:00:00 [######################] 100% The error messages need reduced to a possibly single, clear message 3) VerifySig = Optional, no signature available: :: Synchronizing package databases... pacman 1.0K 363.2K/s 00:00:00 [######################] 100% error: failed retrieving file 'pacman.db.sig' from disk : No such file or directory kernel64 1.5K 30.5M/s 00:00:00 [######################] 100% That is not an actual error as signature checking is optional