Re: ensuring integrity of sources (was: [arch-dev-public] todo list for moving http -> https sources)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

> Any PKGBUILD kept in git can already optionally have this feature. See
> git-commit(1), specifically, its --gpg-sign option.

I know that, I have
    [commit]
        gpgsign = true
in my ~/.gitconfig.

It would be nice if more people did that and if makepkg checked that,
though.
It would probably be counter-productive to enforce it on the AUR through
a git hook, but maybe a warning or something?
I might post that to aur-general at some point.

Cheers,
Bennett

-- 
GPG fingerprint: 871F 1047 7DB3 DDED 5FC4 47B2 26C7 E577 EF96 7808

Attachment: signature.asc
Description: OpenPGP digital signature

[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [Share Photos]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]
  Powered by Linux