On 29/5/22 00:18, Morten Linderud wrote:
From: Morten Linderud <morten@linderud.pw>
This patch implements a new verify function in makepkg. It allows us to do arbitrary authentication on sources before extraction.
There are several new signing and validation methods being implemented and it would be hard to have `makepkg` implement support for things such as sequoia, cosign or minisign. This would allow us to distribute generic validation functions.
This also implements a new `copy_` routine for our protocols as we need to have a separation between extracting sources and copying sources.
I have looked at this patch and I have no idea what the copy_... is supposed to do here at all. Why would anything need copied into $srcdir before verification? This does not appear necessary for and of sequoia, cosign or minisign. Allan