1 |
-----BEGIN PGP SIGNED MESSAGE----- |
2 |
Hash: SHA256 |
3 |
|
4 |
On 15/04/15 05:49 AM, Ulrich Mueller wrote: |
5 |
>>>>>> On Wed, 15 Apr 2015, Micha³ Górny wrote: |
6 |
> |
7 |
>> This is problem with the CVS two-commit procedure. The only |
8 |
>> solution is to stop using CVS keywords which people don't want to |
9 |
>> do because THEY ARE SO VERY USEFUL. |
10 |
> |
11 |
>> Or make repoman do first commit without Manifest, so instead of |
12 |
>> unsigned Manifest you'd have Manifest failure. |
13 |
> |
14 |
> But that's what it does. It commits all other files, then it signs |
15 |
> the Manifest and commits that. |
16 |
> |
17 |
> However, if signing fails it will commit an unsigned Manifest. |
18 |
> Which I think is a misfeature. If I have FEATURES=sign then I want |
19 |
> to commit a signed Manifest. If there are problems, repoman should |
20 |
> error out but not do some other action that I've not asked for. |
21 |
> |
22 |
> Ulrich |
23 |
> |
24 |
|
25 |
Couldn't repoman sign a copy of the Manifest first (even if it's |
26 |
staged in temporary space somewhere), then either do it all in one |
27 |
commit or do the same two-stage commit it does now?? At least that |
28 |
would allow it to catch gpg errors and abort. |
29 |
|
30 |
|
31 |
|
32 |
-----BEGIN PGP SIGNATURE----- |
33 |
Version: GnuPG v2 |
34 |
|
35 |
iF4EAREIAAYFAlUualoACgkQ2ugaI38ACPCV7wEAuziEMB5clCZYzt/ztL9LXDtj |
36 |
XRaxgLP0/usM0yaOqMkA+wRx2LQEGlNnfQhV0e/SMc1kACx3tYoRVvFZxJTv12OT |
37 |
=1dae |
38 |
-----END PGP SIGNATURE----- |