On 9/21/20 3:02 AM, Allan McRae wrote: > On 21/9/20 3:51 pm, Andrew Gregory wrote: >> I would suggest just allowing the user to specify either way >> (--include-sigs/--no-include-sigs, --include-sigs={yes,no}, etc). >> Then uses can specify whatever they want without having to worry about >> what we set as a default. >> > > The problem is more the transition. I would like the default to be not > to include the signatures in the repo database. So does pacman need to > manage the transition from having signatures in a database to not, or do > the users need to manage that? > > With my patch (or any variant the does not include signatures by > default), users upgrading to repo-add v6.0 would need to adjust their > repo management utilities to add a signature include option immediately, > as their users may still be using pacman-5.x. > > Thinking of Arch here, a dbscripts update would need launched on the > server at the same time as updating repo-add. I am OK with that - some > updates need done in concert. But Eli was not.
I'm concerned both about the need to time the adjustment of the option, and about the desire for what I see as sane defaults. My preference is to provide both options, but change the default in pacman 6.0.1. While we're hacking on repo-add options, we could go ahead and make it use parseopts, because the current handling is gross. Also I would like an elephant (usually I would request a pony, but this felt more apropos if we're talking about repo-add). -- Eli Schwartz Bug Wrangler and Trusted User
signature.asc
Description: OpenPGP digital signature