| 1 |
On 07/08/2018 06:56 AM, Michał Górny wrote: |
| 2 |
> W dniu nie, 08.07.2018 o godzinie 15∶02 +0200, użytkownik Kristian |
| 3 |
> Fiskerstrand napisał: |
| 4 |
>> On 07/08/2018 08:53 AM, Michał Górny wrote: |
| 5 |
>>> Is safe git syncing implemented already? If not, maybe finish it first and cover both with a single news item. Git is going to be more efficient here, so people may want to learn they have an alternative. |
| 6 |
>> |
| 7 |
>> Why complicate things, and increase wait for something that benefits |
| 8 |
>> most users, just to give alternatives to a few using non-default sync |
| 9 |
>> mechanism. Securing git distribution is a whole different ballpark. |
| 10 |
>> |
| 11 |
> |
| 12 |
> Let me rephrase. Let's say I'm using rsync. This new feature is |
| 13 |
> something positive but it breaks my use case (for one of the listed |
| 14 |
> reasons -- overlayfs, inode use, small fs cache). After reading this |
| 15 |
> news item, I learn that my only option is to disable the new feature. |
| 16 |
> |
| 17 |
> Now, I would appreciate being told that there's an alternate sync method |
| 18 |
> that handles secure updates without having all those drawbacks. |
| 19 |
|
| 20 |
The thing is, the normal git tree doesn't even provide pre-generated |
| 21 |
metadata, and I see then gentoo-mirror repo that provides metadata does |
| 22 |
not have commits signed with an release key: |
| 23 |
|
| 24 |
https://github.com/gentoo-mirror/gentoo/commits/stable |
| 25 |
|
| 26 |
So I'm really not comfortable recommending git to anyone at this point. |
| 27 |
-- |
| 28 |
Thanks, |
| 29 |
Zac |
Archives