[pacman-dev] [PATCH] repo-add: add --include-sigs option

Allan McRae allan at archlinux.org
Thu Sep 3 03:02:52 UTC 2020


Pacman now downloads the signature files for all packages when present in a
repository.  That makes distributing signatures within repository databases
redundant and costly.

Do not distribute the package signature files within the repo databases by
default and add an --include-sigs to revert to the old behaviour.

Signed-off-by: Allan McRae <allan at archlinux.org>
---
 doc/repo-add.8.asciidoc | 2 ++
 scripts/repo-add.sh.in  | 6 +++++-
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/doc/repo-add.8.asciidoc b/doc/repo-add.8.asciidoc
index 8de4485b..9b903ab1 100644
--- a/doc/repo-add.8.asciidoc
+++ b/doc/repo-add.8.asciidoc
@@ -70,6 +70,8 @@ repo-add Options
 	Remove old package files from the disk when updating their entry in the
 	database.
 
+*\--include-sigs*::
+	Include package PGP signatures in the repository database (if available)
 
 Example
 -------
diff --git a/scripts/repo-add.sh.in b/scripts/repo-add.sh.in
index 7182d1b8..c153e7bb 100644
--- a/scripts/repo-add.sh.in
+++ b/scripts/repo-add.sh.in
@@ -42,6 +42,7 @@ LOCKFILE=
 CLEAN_LOCK=0
 USE_COLOR='y'
 PREVENT_DOWNGRADE=0
+INCLUDE_SIGS=0
 
 # Import libmakepkg
 source "$LIBRARY"/util/compress.sh
@@ -260,7 +261,7 @@ db_write_entry() {
 	fi
 
 	# compute base64'd PGP signature
-	if [[ -f "$pkgfile.sig" ]]; then
+	if (( INCLUDE_SIGS )) && [[ -f "$pkgfile.sig" ]]; then
 		if grep -q 'BEGIN PGP SIGNATURE' "$pkgfile.sig"; then
 			error "$(gettext "Cannot use armored signatures for packages: %s")" "$pkgfile.sig"
 			return 1
@@ -622,6 +623,9 @@ while (( $# )); do
 		-p|--prevent-downgrade)
 			PREVENT_DOWNGRADE=1
 			;;
+		--include-sigs)
+			INCLUDE_SIGS=1
+			;;
 		*)
 			args+=("$1")
 			;;
-- 
2.27.0


More information about the pacman-dev mailing list