Dnia 2015-04-15, o godz. 11:59:12 Andrew Savchenko <birc...@gentoo.org> napisał(a):
> Hi, > > why manifest signatures are still optional for repoman? > > Repoman signatures are currently optional and this creates nasty > consequences: if signing errors occurs, repoman still proceeds :/ > > I just had a phone call during repoman commit and was not able to > type my password. Due to gpg-agent timeout repoman completed commit > without a signature :( Should signatures be mandatory, repoman will > bail out on such conditions and devs can recommit again safely. This is problem with the CVS two-commit procedure. The only solution is to stop using CVS keywords which people don't want to do because THEY ARE SO VERY USEFUL. Or make repoman do first commit without Manifest, so instead of unsigned Manifest you'd have Manifest failure. -- Best regards, Michał Górny
pgpwrcsB0YJRR.pgp
Description: OpenPGP digital signature
