Opened 6 years ago
#56034 new enhancement
Move binary archive signing public key to ports tree
| Reported by: | neverpanic (Clemens Lang) | Owned by: | |
|---|---|---|---|
| Priority: | Normal | Milestone: | MacPorts Future |
| Component: | base | Version: | |
| Keywords: | Cc: | raimue (Rainer Müller) | |
| Port: |
Description
The binaries we build are associated with the ports tree they were built from. If there were multiple ports trees configured in your installation, they should not be able to sign each other's archives, so a signing public key should be a property of a ports tree, rather than being shipped with base as we currently do.
In the long run, adding a new ports tree should be simplified by offering a new command, and this command should prompt users to trust this key.
Note: See
TracTickets for help on using
tickets.