Re: What is the Value of t/0-signature.t?
Moin, On Saturday 18 March 2006 03:39, Adam Kennedy wrote: > Audrey Tang wrote: > > On 3/17/06, chromatic <[EMAIL PROTECTED]> wrote: > >>Do you mean that it's valuable only for the author to run (perhaps > >> during disttest) and rarely useful for the user to run during > >> installation? > > > > Aye. Though I can imagine users who'd like to run them as well... > > This is after all not that different from the Test::Pod situation, in > > it that it verifies integrity of the distribution and not the > > module's function itself. > > > > Audrey > > For a user, how does signature.t act differently to the built-in > signature checking of CPAN.pm. > > What does it add? (apart from hung blocky non-blocking connections to > the keyserver on Win32) :( It adds the annoyance that a local test suddenly wants to connect to the outside world. Thats fun, when the outside world is not available... Best wishes, Tels -- Signed on Sat Mar 18 09:33:06 2006 with key 0x93B84C15. Visit my photo gallery at http://bloodgate.com/photos/ PGP key on http://bloodgate.com/tels.asc or per email. Kernel Panik is here! - http://ubersoft.net/kpanic/ pgpqepr1vqvqE.pgp Description: PGP signature
Re: What is the Value of t/0-signature.t?
Audrey Tang wrote: On 3/17/06, chromatic <[EMAIL PROTECTED]> wrote: Do you mean that it's valuable only for the author to run (perhaps during disttest) and rarely useful for the user to run during installation? Aye. Though I can imagine users who'd like to run them as well... This is after all not that different from the Test::Pod situation, in it that it verifies integrity of the distribution and not the module's function itself. Audrey For a user, how does signature.t act differently to the built-in signature checking of CPAN.pm. What does it add? (apart from hung blocky non-blocking connections to the keyserver on Win32) :( Adam K
Re: What is the Value of t/0-signature.t?
On 3/17/06, chromatic <[EMAIL PROTECTED]> wrote: > > Do you mean that it's valuable only for the author to run (perhaps during > disttest) and rarely useful for the user to run during installation? Aye. Though I can imagine users who'd like to run them as well... This is after all not that different from the Test::Pod situation, in it that it verifies integrity of the distribution and not the module's function itself. Audrey
Re: What is the Value of t/0-signature.t?
On Friday 10 March 2006 02:38, Audrey Tang wrote: > I think it should be like the standard Test::Pod's pod.t and only run > when an env var is set to true. > > Patches... welcome to Module::Signature. :-) Do you mean that it's valuable only for the author to run (perhaps during disttest) and rarely useful for the user to run during installation? -- c
Re: What is the Value of t/0-signature.t?
Yuval Kogman wrote: > The problem with these is that Module::Signature fails when it > should warn if the key is not present in the user's keyring. > > If this technical issue is solved then regardless of whether or not > signature tests are useless (i think they are, but then again i also > think i have some modules with Test::Distribution that checks > that... so I am a hypocrit ;-) the usability of these tests will be > good enough. I think it should be like the standard Test::Pod's pod.t and only run when an env var is set to true. Patches... welcome to Module::Signature. :-) Audrey signature.asc Description: OpenPGP digital signature
Re: What is the Value of t/0-signature.t?
> On Thu, 9 Mar 2006 12:51:02 -0800, chromatic <[EMAIL PROTECTED]> said: > Hi all, > In http://rt.cpan.org/Ticket/Display.html?id=17934, a Test::MockObject user > dislikes the t/0-signature.t test that always runs. I have filed a couple of bug reports against distributions with a wrong signature and I have even released such myself. Now, with a combination of having t/0-signature.t and a dependency from 'release' to 'disttest', this cannot happen. qed:) -- andreas
Re: What is the Value of t/0-signature.t?
I've started to do a little bit of work on Module::Signature. The main problem seemed to be that it will install even if it's configuration cannot be confirmed, when I think it might be preferable to not install at all if it cannot be confirmed. I've also move Module::Signature into the Module::Install repository (which seems to be fast becoming an orphanage for collaboratively maintaining installation toolchain modules without a strongly active author). So if anyone already has commit for Module::Install and can think of small improvemens to make, you should be able to help fix Module::Signature. Adam K Yuval Kogman wrote: On Thu, Mar 09, 2006 at 12:51:02 -0800, chromatic wrote: Hi all, In http://rt.cpan.org/Ticket/Display.html?id=17934, a Test::MockObject user dislikes the t/0-signature.t test that always runs. If the user does not have Module::Signature installed, no tests run. If the user does have Module::Signature installed but not configured properly, the test will fail. The problem with these is that Module::Signature fails when it should warn if the key is not present in the user's keyring. If this technical issue is solved then regardless of whether or not signature tests are useless (i think they are, but then again i also think i have some modules with Test::Distribution that checks that... so I am a hypocrit ;-) the usability of these tests will be good enough. (I'm CCing audrey so that she'll know I'm dissing her module ;-)
Re: What is the Value of t/0-signature.t?
On Thu, Mar 09, 2006 at 12:51:02 -0800, chromatic wrote: > Hi all, > > In http://rt.cpan.org/Ticket/Display.html?id=17934, a Test::MockObject user > dislikes the t/0-signature.t test that always runs. If the user does not > have Module::Signature installed, no tests run. If the user does have > Module::Signature installed but not configured properly, the test will fail. The problem with these is that Module::Signature fails when it should warn if the key is not present in the user's keyring. If this technical issue is solved then regardless of whether or not signature tests are useless (i think they are, but then again i also think i have some modules with Test::Distribution that checks that... so I am a hypocrit ;-) the usability of these tests will be good enough. (I'm CCing audrey so that she'll know I'm dissing her module ;-) -- () Yuval Kogman <[EMAIL PROTECTED]> 0xEBD27418 perl hacker & /\ kung foo master: /me beats up some cheese: neeyah! pgplZzUEPZqRa.pgp Description: PGP signature
What is the Value of t/0-signature.t?
Hi all, In http://rt.cpan.org/Ticket/Display.html?id=17934, a Test::MockObject user dislikes the t/0-signature.t test that always runs. If the user does not have Module::Signature installed, no tests run. If the user does have Module::Signature installed but not configured properly, the test will fail. If it is the case that CPAN and CPANPLUS check signatures, if the user has the proper modules installed, is there value in including this test with signed distributions? -- c