On Sat, Jan 1, 2022 at 5:51 AM Vitaly Zaitsev via devel <devel@lists.fedoraproject.org> wrote: > > On 31/12/2021 20:03, Nico Kadel-Garcia wrote: > > Sounds like, if this is enabled, they'll need a GPG key associated > > with their personal repository. > > Locally built packages are always unsigned. >
They don't have to be, but yes, by default they are. And note, you can already configure DNF to require GPG validation of local packages by setting localpkg_gpgcheck=1 in dnf.conf. -- 真実はいつも一つ!/ Always, there's only one truth! _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
