[packagekit] Extending the RepoDetail signal

Duncan Mac-Vicar P. dmacvicar at suse.de
Wed Oct 13 02:26:38 PDT 2010


On 10/07/2010 01:08 PM, Richard Hughes wrote:
  > I think just the latter. If the files are unsigned in a signed repo,
> we should probably abort with an error. If they are unsigned in an
> unsigned repo, we just ask the user for the unsigned authentication,
> which is hopefully what happens now.

Why? ZYpp does not verify signatures of the packages. We sign the repo 
and use a checksum chain.

-- 
Duncan Mac-Vicar P. - Novell® Making IT Work As One™
SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)




More information about the PackageKit mailing list