commit: e359e61a248088072623d84e59a73b3150a32faa Author: Sam James <sam <AT> gentoo <DOT> org> AuthorDate: Fri Nov 7 23:42:41 2025 +0000 Commit: Sam James <sam <AT> gentoo <DOT> org> CommitDate: Fri Nov 7 23:42:41 2025 +0000 URL: https://gitweb.gentoo.org/data/gentoo-news.git/commit/?id=e359e61a
2025-11-01-portage-git-sync-verify: clarify a little bit We've had some users think that this news item is telling them to switch to the raw git repo, or that the raw repo is preferable to the 'metadata'/ 'sync' ones: clarify that we want people to use their existing methods and there is no need to change, unless they are using the raw git repo already. Also, mention that 'no' may be needed for key refresh as it depends on the availability of the keyservers... Bug: https://bugs.gentoo.org/959831 Bug: https://bugs.gentoo.org/965474 Signed-off-by: Sam James <sam <AT> gentoo.org> .../2025-11-01-portage-git-sync-verify.en.txt | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/2025-11-01-portage-git-sync-verify/2025-11-01-portage-git-sync-verify.en.txt b/2025-11-01-portage-git-sync-verify/2025-11-01-portage-git-sync-verify.en.txt index 528913d..37c156b 100644 --- a/2025-11-01-portage-git-sync-verify/2025-11-01-portage-git-sync-verify.en.txt +++ b/2025-11-01-portage-git-sync-verify/2025-11-01-portage-git-sync-verify.en.txt @@ -1,15 +1,15 @@ Title: Portage to verify git-synced ::gentoo per default Author: Florian Schmaus <[email protected]> Posted: 2025-11-01 -Revision: 1 +Revision: 2 News-Item-Format: 2.0 Display-If-Installed: sys-apps/portage -Portage is about to implicitly enable OpenPGP verification of the -::gentoo repository when synchronizing using git [1]. That is, a -future Portage version will set +Portage now implicitly enables OpenPGP verification of the "raw" ::gentoo +repository when synchronizing using git [1]. That is, >= Portage 3.0.70 will +set sync-git-verify-commit-signature = true -for the ::gentoo repository as default. +for the "raw" ::gentoo repository as default. This behavior change requires action from users who are synchronizing the "raw" ::gentoo git repository, as otherwise synchronization may @@ -26,7 +26,12 @@ Remotes of the "sync friendly" ::gentoo git repository include: - https://anongit.gentoo.org/git/repo/sync/gentoo.git - https://gitweb.gentoo.org/repo/sync/gentoo.git -No action is required when using one of these remotes. +We recommend using these instead of the "raw" repo because the "raw" repo +does not include news items, GLSAs, or generated metadata. No action is +required when using one of these remotes listed above. + +This news item is NOT instructing users to start using the raw repo, it +is just a necessary change if you are already using it. However, users of the "raw" ::gentoo remote repository need to adjust the repository configuration to verify against the "gentoo developers" @@ -46,6 +51,7 @@ location = /var/db/repos/gentoo sync-type = git sync-uri = https://github.com/gentoo/gentoo.git sync-openpgp-key-path = /usr/share/openpgp-keys/gentoo-developers.asc +# If you experience hangs or refresh failures, try 'no' instead. sync-openpgp-key-refresh = keyserver
