On Sun, 16 Jul 2023 at 17:03, Tom Rini <tr...@konsulko.com> wrote: > Does bitbake have any infrastructure atm for dealing with signed tags? > I'm fine with (for now, as LTS is a hope not a feature) keeping the > branch portion. But if it was possible to say it must be a tag signed > by X key, that would help a little with the concern about moving to some > more arbitrary commit.
As far as I know, git fetcher doesn't verify tags. They don't even have to be signed, checking that a tag specified in a recipe matches a commit id specified in a recipe would also guard against unwanted commits, but the fetcher doesn't do that check either. Alex
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#184418): https://lists.openembedded.org/g/openembedded-core/message/184418 Mute This Topic: https://lists.openembedded.org/mt/100144566/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
