On 03/24/2011 04:59 PM, Mike Frysinger wrote:
this is especially important for the people doing arch keywording since they make a ton of commits. i'm looking at you armin76.
One thing I don't get amidst this whole conversation is why I should sign a Manifest file when committing KEYWORDS or something equally as trivial like deleting ebuilds. By signing the Manifest, I interpret that as "yes, I committed this Manifest file and yes I trust every hash in this Manifest file" when in reality, I have no clue if the Manifest file is correct because I didn't inspect anything.
Am I missing something? Thanks, Jeremy
