1 |
On Sun, Jul 8, 2018 at 9:02 AM Kristian Fiskerstrand <k_f@g.o> wrote: |
2 |
> |
3 |
> On 07/08/2018 08:53 AM, Michał Górny wrote: |
4 |
> > Is safe git syncing implemented already? If not, maybe finish it first and cover both with a single news item. Git is going to be more efficient here, so people may want to learn they have an alternative. |
5 |
> |
6 |
> Why complicate things, and increase wait for something that benefits |
7 |
> most users, just to give alternatives to a few using non-default sync |
8 |
> mechanism. Securing git distribution is a whole different ballpark. |
9 |
> |
10 |
|
11 |
I'll agree that it is different, but we're talking about verification |
12 |
of the HEAD signature by infra, not verification of individual |
13 |
developer keys, which was the topic of the recent thread. |
14 |
|
15 |
Verification is already built-into portage for git syncing (but off by |
16 |
default). The problem is that portage will still checkout the tree if |
17 |
it fails verification. The patch is to do the verification before |
18 |
checking it out so that if it fails the tree is left in a |
19 |
last-known-good state (at least as seen by tools at the filesystem |
20 |
level - the fetched bad commits would still be visible to git). |
21 |
|
22 |
-- |
23 |
Rich |