[PATCH] makepkg: Implement the verify function
Allan McRae
allan at archlinux.org
Sat Jun 25 14:55:22 UTC 2022
On 29/5/22 00:18, Morten Linderud wrote:
> From: Morten Linderud <morten at linderud.pw>
>
> This patch implements a new verify function in makepkg. It allows us to
> do arbitrary authentication on sources before extraction.
>
> There are several new signing and validation methods being implemented
> and it would be hard to have `makepkg` implement support for things such
> as sequoia, cosign or minisign. This would allow us to distribute
> generic validation functions.
>
> This also implements a new `copy_` routine for our protocols as we need
> to have a separation between extracting sources and copying sources.
I have looked at this patch and I have no idea what the copy_... is
supposed to do here at all. Why would anything need copied into $srcdir
before verification? This does not appear necessary for and of sequoia,
cosign or minisign.
Allan
More information about the pacman-dev
mailing list