[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [scl.org] package signing?

I have already thought about it. I see a chance to sign packages during the approval process.
Nearly everyone can create a SCL in Copr, but only some SCLs will be approved (and possibly signed) by scl.org maintainers.

----- Original Message -----
From: "Remi Collet" <rcollet redhat com>
To: sclorg redhat com
Sent: Wednesday, April 16, 2014 6:52:54 AM
Subject: Re: [scl.org] package signing?

Le 15/04/2014 22:13, Jim Perrin a écrit :
> Within the CentOS world we've been pointing folks at software
> collections for the newer nginx and httpd24 packages, however we've been
> getting some negative feedback because the packages aren't signed.

I think this will be solved as soon as RHSCL 1.1 will go GA and packages
will be backported in centos-scl repository ;)

For package not part of official RHSCL (such as php54more, php55more,
...) the solution should be EPEL, but Fedora Guidelines are not ready
for SCL... :(

> Are there plans to resolve this in the future?

Yes this is a problem.

But I don't really see how to solve it, as nearly everyone can create a
SCL in Copr (and then in softwarecollection.org).


rcollet redhat com | Senior Software Engineer / BaseOS / WebStack team
GPG Key: 0x29F16A18
Fingerprint: 5A0E 6F54 D94D 5732 69EE  E3FF 614A 6905 29F1 6A18

SCLorg mailing list
SCLorg redhat com

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]