1 |
On Sat, Apr 09, 2022 at 02:50:30PM +0800, William Kenworthy wrote: |
2 |
> A new use has shown up named "verify-sig". It seems simple enough from |
3 |
> its euse description but its causing a large number of packages to be |
4 |
> rebuilt unnecessarily (it defaults to off on my sytems). Should I |
5 |
> enable it? - I can find much info on it and it looks like it will cause |
6 |
> major user hassles considering its effects so far - I am surprised there |
7 |
> has been no news item for it which probably means its not considered a |
8 |
> useful use flag. |
9 |
|
10 |
Use --changed-use/-U rather than --newuse/-N when using emerge. |
11 |
|
12 |
With --changed-use, if USE is changing from to: |
13 |
enabled -> removed = rebuilds |
14 |
disabled -> removed = ignores (changes nothing, no rebuild needed) |
15 |
missing -> disabled = ignores (likewise, this is the verify-sig) |
16 |
missing -> enabled = rebuilds |
17 |
|
18 |
While --newuse rebuilds in all 4 cases. |
19 |
|
20 |
There's largely no reason to enable verify-sig as you're already |
21 |
verifying through the Manifest. This is primarily intended for |
22 |
developers, albeit for users it can give some assurance that |
23 |
signatures were checked. |
24 |
|
25 |
-- |
26 |
ionen |