| 1 |
(re-sending as I sent from the wrong account) |
| 2 |
On Wed, 2006-03-22 at 19:42 +0100, Stefan Schweizer wrote: |
| 3 |
> On 3/22/06, Donnie Berkholz <spyderous@g.o> wrote: |
| 4 |
> > This definitely sounds like a fun idea. It would be even cooler if we |
| 5 |
> > were using a distributed SCM on both ends that allowed for easy merging. |
| 6 |
> |
| 7 |
> |
| 8 |
> I think it should be all in a central place possibly saved with |
| 9 |
> GPG-Keys that need to be signed by trusted persons so that someone can |
| 10 |
> get access. |
| 11 |
> Because security seems to be a big problem with a public overlay, but |
| 12 |
> I think with gpg-key-based-access it could work. |
| 13 |
|
| 14 |
Yes, we use gpg signed patches for our darcs overlay system. We add the |
| 15 |
gpg keys of our trusted contributers to a keychain (on the server where |
| 16 |
the darcs repo lives). Then they use "darcs send --sign" and their |
| 17 |
patches get applied automagically. |
| 18 |
|
| 19 |
Patches from contributers who don't sign their patches (or if the key |
| 20 |
check fails) get forwarded to the Haskell herd's email alias so any herd |
| 21 |
member can review and apply / reject the patches. |
| 22 |
|
| 23 |
-- |
| 24 |
Duncan Coutts : Gentoo Developer (Haskell herd team lead) |
| 25 |
email : dcoutts at gentoo dot org |
| 26 |
|
| 27 |
-- |
| 28 |
gentoo-dev@g.o mailing list |
Archives