[pacman-dev] Status of package signing work
Allan McRae
allan at archlinux.org
Mon Nov 22 12:30:22 CET 2010
On 22/11/10 11:59, Denis A. Altoé Falqueto wrote:
> On Sat, Nov 20, 2010 at 10:51 PM, Allan McRae<allan at archlinux.org> wrote:
>> - TODO: download and verify signatures of dbs (patches:
>> http://mailman.archlinux.org/pipermail/pacman-dev/2010-July/011433.html
>> http://mailman.archlinux.org/pipermail/pacman-dev/2010-July/011434.html)
>>
>> I think the very last TODO there is the only thing stopping us from getting
>> some actual testing of this work underway. I think I have my head around
>> what the two patches are doing now, but I am not sure I like the "how" of
>> that doing. So I will make an attempt into hacking them as I see fit in the
>> next few days... Then I will publish a signed repo with a pacman-git and we
>> can see how this all goes!
>
> Please, don't hesitate in asking if you have any questions about the
> implementation details. Or if you want to delegate the real work, you
> can ask me to change specific details. Just say what to do and i can
> help.
I was going to get you to do some adjustments, but while reviewing those
two patches I decided that it should be done in a slightly different
way... and then I prototyped that way for you to adjust your patches to
follow... and then I just finished the patches! So I am not ignoring
your patches, but just though that their goal should be achieved in a
different way.
I will send my two patches to this list following this email. I think
they completely cover the first patch linked above but the second patch
looks like it had an unrelated change included in it that I have not
looked at (reading in PGPSIG without requiring a size?). That should be
resubmitted as a separate patch with a commit message explaining it.
Allan
More information about the pacman-dev
mailing list