On Thu, Mar 24, 2011 at 8:21 PM, Brian Harring wrote:
> On Thu, Mar 24, 2011 at 06:08:53PM -0400, Olivier Crête wrote:
>> On Thu, 2011-03-24 at 17:59 -0400, Mike Frysinger wrote:
>> > is there any reason we should allow people to commit unsigned
>> > Manifest's anymore ? generating/posting/enablin
On Thu, Mar 24, 2011 at 06:08:53PM -0400, Olivier Crête wrote:
> On Thu, 2011-03-24 at 17:59 -0400, Mike Frysinger wrote:
> > is there any reason we should allow people to commit unsigned
> > Manifest's anymore ? generating/posting/enabling a gpg key is
> > ridiculously easy and there's really no
On Thu, Mar 24, 2011 at 8:09 PM, Antoni Grzymala wrote:
> Jeroen Roovers dixit (2011-03-25, 00:50):
>> On Thu, 24 Mar 2011 17:59:45 -0400 Mike Frysinger wrote:
>> > is there any reason we should allow people to commit unsigned
>> > Manifest's anymore ?
>>
>> Funny that. I only started doing that Ye
Jeroen Roovers dixit (2011-03-25, 00:50):
> On Thu, 24 Mar 2011 17:59:45 -0400
> Mike Frysinger wrote:
>
> > is there any reason we should allow people to commit unsigned
> > Manifest's anymore ?
>
> Funny that. I only started doing that Yesterday. It had been on my TODO
> for a couple of yea
On Thu, Mar 24, 2011 at 6:42 PM, Rémi Cardona wrote:
> PS, wasn't manifest-signing supposed to become moot once we moved to git?
not in the least. git only provides SHA1 which is not
cryptographically strong, and we will still be mirroring only the
latest checkout via rsync. the hashs in git req
On Thu, 24 Mar 2011 17:59:45 -0400
Mike Frysinger wrote:
> is there any reason we should allow people to commit unsigned
> Manifest's anymore ?
Funny that. I only started doing that Yesterday. It had been on my TODO
for a couple of years. :)
jer
On Thu, Mar 24, 2011 at 6:28 PM, Mike Gilbert wrote:
> Is there some plan to make verification of signed Manifests easy/automatic
> for end users?
the end goal is for it to be transparent when it works. emerge itself
would check things as part of its digest verification.
as to the current state
On Thu, Mar 24, 2011 at 6:47 PM, Diego Elio Pettenò wrote:
> Il giorno gio, 24/03/2011 alle 23.42 +0100, Rémi Cardona ha scritto:
>> However, is there a howto or something explaining how to work
>> _efficiently_ with GPG? How do I avoid having to type my pass-phrase
>> for every commit?
>
> Setup g
On Thu, 2011-03-24 at 23:48 +0100, Christoph Mende wrote:
> Hi,
>
> this should make mono.eclass EAPI3 compatible, please review the
> attached patch before I commit it, so you can throw your stones before
> it appears on gentoo-commits. Thanks.
Tiny update to the patch:
24/235024 <@ABCD> I would
Il giorno gio, 24/03/2011 alle 23.42 +0100, Rémi Cardona ha scritto:
>
>
> However, is there a howto or something explaining how to work
> _efficiently_ with GPG? How do I avoid having to type my pass-phrase
> for
> every commit?
Setup gpg-agent with a one-week passphrase caching and standard so
Hi,
this should make mono.eclass EAPI3 compatible, please review the
attached patch before I commit it, so you can throw your stones before
it appears on gentoo-commits. Thanks.
Index: mono.eclass
===
RCS file: /var/cvsroot/gentoo-x86
Le 24/03/2011 22:59, Mike Frysinger a écrit :
> is there any reason we should allow people to commit unsigned
> Manifest's anymore ? generating/posting/enabling a gpg key is
> ridiculously easy and there's really no excuse for a dev to not have
> done this already.
I, for one, have never signed m
On Thu, Mar 24, 2011 at 5:59 PM, Mike Frysinger wrote:
> is there any reason we should allow people to commit unsigned
> Manifest's anymore ? generating/posting/enabling a gpg key is
> ridiculously easy and there's really no excuse for a dev to not have
> done this already.
>
Is there some plan
http://bugs.gentoo.org/360363
-mike
On 03/24/2011 11:59 PM, Mike Frysinger wrote:
> is there any reason we should allow people to commit unsigned
> Manifest's anymore ? generating/posting/enabling a gpg key is
> ridiculously easy and there's really no excuse for a dev to not have
> done this already.
>
Also submitting the quizzes
On Thu, 2011-03-24 at 17:59 -0400, Mike Frysinger wrote:
> is there any reason we should allow people to commit unsigned
> Manifest's anymore ? generating/posting/enabling a gpg key is
> ridiculously easy and there's really no excuse for a dev to not have
> done this already.
I didn't know we sti
On Thu, Mar 24, 2011 at 05:59:45PM -0400, Mike Frysinger wrote:
> is there any reason we should allow people to commit unsigned
> Manifest's anymore ? generating/posting/enabling a gpg key is
> ridiculously easy and there's really no excuse for a dev to not have
> done this already.
>
> when i lo
is there any reason we should allow people to commit unsigned
Manifest's anymore ? generating/posting/enabling a gpg key is
ridiculously easy and there's really no excuse for a dev to not have
done this already.
when i look at the tree, the signed stats are stupid low:
$ find *-* -maxdepth 2 -nam
On 10:44 Wed 23 Mar , James Cloos wrote:
> TC> So live with it.
>
> I cannot. It makes the eclass useless.
>
> I have almost 2 gigs of bare repo in distdirs/git-src.
>
> A forced re-download of all of that is just not possible!
>
> The existing distdir clones *MUST* continue to work.
>
> "DB" == Donnie Berkholz writes:
JC> Or better yet, git clone.
DB> This could work well with --shared; even worked for me on separate
DB> partitions.
Yes, I did mean »git clone -l -s«.
-JimC
--
James Cloos OpenPGP: 1024D/ED7DAEA6
20 matches
Mail list logo