[paludis-dev] [Paludis] #1242: [patch] GPG signature support for dotar

Paludis trac-paludis at exherbo.org
Tue May 8 20:35:17 UTC 2012


#1242: [patch] GPG signature support for dotar
-----------------------------+--------------------
    Reporter:  mehh          |      Owner:
        Type:  enhancement   |     Status:  new
    Priority:  Sometime      |  Milestone:
   Component:  clients/cave  |    Version:  0.74.1
  Resolution:                |   Keywords:
  Blocked By:                |   Blocking:
Distribution:  N/A           |
-----------------------------+--------------------

Comment (by dleverton):

 Strictly speaking this shouldn't assume that the same value of ${FETCHER}
 is OK for both the tarball and the signature.  On the other hand, having
 it separate implies having a --signature-fetch-option flag or something,
 which is possibly overdoing it a bit, and it's pretty unlikely to be
 different in practice....

 As for the race between downloading the tarball and downloading the
 signature, that's a bit unfortunate, but again I'm not sure if there's a
 reasonable alternative.  emerge-webrsync handles this by explicitly
 figuring out the date of the latest snapshot and downloading it by the
 dated name, rather than using "latest", which we could potentially do in a
 more specialised fetcher but not the generic tar one.

 If no-one has any further comments on the above, could you reattach in
 "git format-patch" format please?  It's not vital but allows the
 authorship to be recorded properly.

-- 
Ticket URL: <http://paludis.exherbo.org/trac/ticket/1242#comment:1>
Paludis <http://paludis.exherbo.org/>
Paludis, the Other Package Mangler


More information about the paludis-dev mailing list