[scl.org] package signing?

Remi Collet rcollet at redhat.com
Wed Apr 16 04:52:54 UTC 2014

Le 15/04/2014 22:13, Jim Perrin a écrit :
> Within the CentOS world we've been pointing folks at software
> collections for the newer nginx and httpd24 packages, however we've been
> getting some negative feedback because the packages aren't signed.

I think this will be solved as soon as RHSCL 1.1 will go GA and packages
will be backported in centos-scl repository ;)

For package not part of official RHSCL (such as php54more, php55more,
...) the solution should be EPEL, but Fedora Guidelines are not ready
for SCL... :(

> Are there plans to resolve this in the future?

Yes this is a problem.

But I don't really see how to solve it, as nearly everyone can create a
SCL in Copr (and then in softwarecollection.org).


rcollet at redhat.com | Senior Software Engineer / BaseOS / WebStack team
GPG Key: 0x29F16A18
Fingerprint: 5A0E 6F54 D94D 5732 69EE  E3FF 614A 6905 29F1 6A18

More information about the SCLorg mailing list