Re: Preventing supply chain attacks via rekor

On Sat, Jun 12, 2021 at 10:29:50AM +0200, Marius Schwarz wrote:
> On 12.06.21 at 02:51, Kevin Fenzi wrote:
> > 
> > > Also, not having it available has made it *very* hard to prioritize
> > > getting the issues fixed in DNF. So being able to improve this is
> > > predicated on the existence of signed metadata.
> > This seems odd to me. I mean, it can't be hard to set up a test repo, is
> > it? I suspect we could even ask QE folks to do some testing and map out
> > the issues they find. I don't think it's nice/ethical to break users
> > just as a means to make bugs we want to have fixed higher priority.
> > 
> > Anyhow, we are pretty off topic for this thread, so I'll try and stop...
> > 
> > kevin
> > 
> 
> Does it really hurt someone, if the repos get signed and clients just do not
> check this by default?

Nope, but it's still not technically possible. There needs to be work in
bodhi and robosignatory at least.
> 
> Of course, the signing should not break the unchecked repo in any form,
> which needs a small testcase ;)

Sure, but if all that's needed is a test repo, I can set one up right now
on my fedorapeople space... :)

kevin


_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx