| 1 |
>>>>> On Tue, 06 Oct 2020, Frédéric Pierret wrote: |
| 2 |
|
| 3 |
>> We've already discussed it in #-qa, and I still think that this is |
| 4 |
>> over-engineered. Users can validate the distfile by the Manifest and |
| 5 |
>> its signature, so exposing the feature to users is redundant. |
| 6 |
|
| 7 |
> IMHO, manifest verification and distfile verification are two separate |
| 8 |
> things. Before you validate and sign the Manifest, you need to fetch |
| 9 |
> (new) source and to verify it. This is not redundant at all. |
| 10 |
|
| 11 |
The eclass adds a second method of distfile verification on the user's |
| 12 |
side. So unless the feature is intended to replace digest verification |
| 13 |
on the long term (which I hope it isn't), it is redundant for users. |
| 14 |
|
| 15 |
It may be fine as an opt-in feature for developers, but I believe that |
| 16 |
enabling it by default for all users is wrong. |
| 17 |
|
| 18 |
Ulrich |
Archives