On Sat, 15 Aug 2015 11:02:19 +0200 Michał Górny wrote:
> > > > OK, if manifests are that important, why not generate a full manifest
> > > > during repoman commit? If we do not tamper with $Id$, the only file
> > > > outside of this manifest will be ChangeLog generated during rsync
> > > > propagation. Then we have the following options:
> > > > - do not sign ChangeLog: even if it is tampered with, little harm
> > > > can be done, since it doesn't affect the live system or build process;
> > > > - sign ChangeLog with releng key;
> > > > - sign developer-signed manifest + ChangeLog with releng key. Thus
> > > > we'll have a double signature for the most important files.
> > >
> > > How about we switch back to CVS if we're going to kill git anyway? It'd
> > > at least save our time wasted by these pointless discussions.
> >
> > I don't understand your point. Please explain.
> >
> > I see nobody here talking about killing git. I see people concerned
> > that git is not cryptographically secure enough, thus looking for
> > gpg-signed manifests or other solutions.
>
> I see you talking about introducing a whole new bucket of merge
> conflicts.

Where? The only case where such a conflict may occur is when several
developers are working on the same package at the same time. This is
quite a rare occasion. And even with the current thin-manifest workflow
there may be a conflict if they touch the same files.
Best regards,
Andrew Savchenko
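The quoted proposal above (generate a full manifest at commit time, leave only the rsync-generated ChangeLog outside it) is easier to reason about with a working sketch. The following is an added example, not code from the thread, repoman or Portage: it writes a simplified Manifest2-style file (AUX/EBUILD/MISC entries with size plus SHA256 and SHA512; WHIRLPOOL and the exact real-world formatting are omitted, which is an assumption), verifies a package directory against it, and shows the consequence of the ChangeLog exclusion: a modified ChangeLog goes unnoticed, while a modified ebuild or an extra unlisted file is flagged. The package files, the `EXCLUDED` set and the `demo()` helper are constructed for the example. Signing the resulting Manifest with the developer's key, and the ChangeLog with the releng key, would be done with gpg and is not shown here.

```python
import hashlib
import tempfile
from pathlib import Path

# Digests recorded per entry (assumption: a subset of what Manifest2 used).
HASHES = ("SHA256", "SHA512")
# Files deliberately not covered by the manifest. ChangeLog is regenerated
# during rsync propagation, per the proposal quoted above; Manifest is the
# manifest itself. This set is an assumption made for the example.
EXCLUDED = {"ChangeLog", "Manifest"}


def _entry_type(rel: str) -> str:
    """Map a package-relative path to a Manifest2-style entry type."""
    if rel.endswith(".ebuild"):
        return "EBUILD"
    if rel.startswith("files/"):
        return "AUX"
    return "MISC"


def manifest_entry(pkgdir: Path, rel: str) -> str:
    """One line: TYPE path size HASH hex HASH hex ..."""
    data = (pkgdir / rel).read_bytes()
    parts = [_entry_type(rel), rel, str(len(data))]
    for name in HASHES:
        parts += [name, hashlib.new(name.lower(), data).hexdigest()]
    return " ".join(parts)


def generate_manifest(pkgdir) -> str:
    """Full manifest: every regular file under pkgdir except EXCLUDED."""
    pkgdir = Path(pkgdir)
    rels = sorted(p.relative_to(pkgdir).as_posix()
                  for p in pkgdir.rglob("*") if p.is_file())
    return "".join(manifest_entry(pkgdir, r) + "\n"
                   for r in rels if r not in EXCLUDED)


def verify_manifest(pkgdir, manifest_text: str) -> list[str]:
    """Return a list of problems; empty list means the tree matches."""
    pkgdir = Path(pkgdir)
    problems, covered = [], set()
    for line in manifest_text.splitlines():
        if not line.strip():
            continue
        _typ, rel, size, *digests = line.split()
        covered.add(rel)
        path = pkgdir / rel
        if not path.is_file():
            problems.append(f"missing: {rel}")
            continue
        data = path.read_bytes()
        if str(len(data)) != size:
            problems.append(f"size mismatch: {rel}")
            continue
        for name, hexdigest in zip(digests[::2], digests[1::2]):
            if hashlib.new(name.lower(), data).hexdigest() != hexdigest:
                problems.append(f"{name} mismatch: {rel}")
                break
    # A full manifest must also catch files that were added but never listed.
    for path in pkgdir.rglob("*"):
        if path.is_file():
            rel = path.relative_to(pkgdir).as_posix()
            if rel not in covered and rel not in EXCLUDED:
                problems.append(f"uncovered: {rel}")
    return problems


def demo() -> dict:
    """Constructed package tree; returns verification results per scenario."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        pkg = Path(tmp) / "app-misc" / "foo"
        (pkg / "files").mkdir(parents=True)
        (pkg / "foo-1.0.ebuild").write_bytes(b'EAPI=5\nSLOT="0"\n')
        (pkg / "files" / "foo.patch").write_bytes(b"--- a\n+++ b\n")
        (pkg / "metadata.xml").write_bytes(b"<pkgmetadata/>\n")
        (pkg / "ChangeLog").write_bytes(b"15 Aug 2015; initial import\n")

        manifest = generate_manifest(pkg)
        results["clean"] = verify_manifest(pkg, manifest)

        # ChangeLog is outside the manifest: tampering is not detected.
        (pkg / "ChangeLog").write_bytes(b"15 Aug 2015; forged entry\n")
        results["changelog_tampered"] = verify_manifest(pkg, manifest)

        # Same-length edit to the ebuild: size matches, digest does not.
        (pkg / "foo-1.0.ebuild").write_bytes(b'EAPI=5\nSLOT="1"\n')
        results["ebuild_tampered"] = verify_manifest(pkg, manifest)
        (pkg / "foo-1.0.ebuild").write_bytes(b'EAPI=5\nSLOT="0"\n')

        # A file dropped into files/ after the manifest was made is flagged.
        (pkg / "files" / "evil.patch").write_bytes(b"+rm -rf /\n")
        results["extra_file"] = verify_manifest(pkg, manifest)
    return results


if __name__ == "__main__":
    for scenario, problems in demo().items():
        print(f"{scenario}: {problems or 'OK'}")
```

The point the example makes concrete is the trade-off in the quoted message: with the ChangeLog deliberately outside the manifest, a forged ChangeLog is invisible to manifest verification, which is acceptable only because nothing in the build consumes it; every other file, including ones added after the manifest was generated, is caught.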