[scl.org] package signing?
Jakub QB Dorňák
jdornak at redhat.com
Wed Apr 16 07:04:44 UTC 2014
I have already thought about it. I see a chance to sign packages during the approval process.
Nearly everyone can create a SCL in Copr, but only some SCLs will be approved (and possibly signed) by scl.org maintainers.
QB
----- Original Message -----
From: "Remi Collet" <rcollet at redhat.com>
To: sclorg at redhat.com
Sent: Wednesday, April 16, 2014 6:52:54 AM
Subject: Re: [scl.org] package signing?
Le 15/04/2014 22:13, Jim Perrin a écrit :
> Within the CentOS world we've been pointing folks at software
> collections for the newer nginx and httpd24 packages, however we've been
> getting some negative feedback because the packages aren't signed.
I think this will be solved as soon as RHSCL 1.1 will go GA and packages
will be backported in centos-scl repository ;)
For package not part of official RHSCL (such as php54more, php55more,
...) the solution should be EPEL, but Fedora Guidelines are not ready
for SCL... :(
> Are there plans to resolve this in the future?
Yes this is a problem.
But I don't really see how to solve it, as nearly everyone can create a
SCL in Copr (and then in softwarecollection.org).
Remi.
--
rcollet at redhat.com | Senior Software Engineer / BaseOS / WebStack team
GPG Key: 0x29F16A18
Fingerprint: 5A0E 6F54 D94D 5732 69EE E3FF 614A 6905 29F1 6A18
_______________________________________________
SCLorg mailing list
SCLorg at redhat.com
https://www.redhat.com/mailman/listinfo/sclorg
More information about the SCLorg
mailing list