-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 15/04/15 05:49 AM, Ulrich Mueller wrote: >>>>>> On Wed, 15 Apr 2015, Michał Górny wrote: > >> This is problem with the CVS two-commit procedure. The only >> solution is to stop using CVS keywords which people don't want to >> do because THEY ARE SO VERY USEFUL. > >> Or make repoman do first commit without Manifest, so instead of >> unsigned Manifest you'd have Manifest failure. > > But that's what it does. It commits all other files, then it signs > the Manifest and commits that. > > However, if signing fails it will commit an unsigned Manifest. > Which I think is a misfeature. If I have FEATURES=sign then I want > to commit a signed Manifest. If there are problems, repoman should > error out but not do some other action that I've not asked for. > > Ulrich >
Couldn't repoman sign a copy of the Manifest first (even if it's staged in temporary space somewhere), then either do it all in one commit or do the same two-stage commit it does now?? At least that would allow it to catch gpg errors and abort. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iF4EAREIAAYFAlUualoACgkQ2ugaI38ACPCV7wEAuziEMB5clCZYzt/ztL9LXDtj XRaxgLP0/usM0yaOqMkA+wRx2LQEGlNnfQhV0e/SMc1kACx3tYoRVvFZxJTv12OT =1dae -----END PGP SIGNATURE-----
