On Mon, Mar 07, 2011 at 05:24:19PM +0000, Ananda Samaddar <ananda.samad...@newcastle.ac.uk> wrote: > > Nope - at the moment we just store SHA1 of the packages, to avoid > > accidental corruptions. Patches are welcome to improve that in > > pacman-g2, it would not be too hard to use gpgv for this, if one needs > > it. > > That's a real shame, the Arch Wiki says that you use a version of > pacman that does support package signing. I'm afraid that this is the > main reason I want to switch from Arch. Their security is not very > good.
Please ask them to correct the info, then. Misleading anybody would be bad, indeed. > Unfortunately I am not a developer, just an 'advanced user' so I > wouldn't be able to code anything myself. TBH, While being able to fix issues yourself is nice, in most cases a packager's life is more about building and testing than coding. Thanks.
pgpsvgXTH8QFZ.pgp
Description: PGP signature
_______________________________________________ Frugalware-devel mailing list Frugalware-devel@frugalware.org http://frugalware.org/mailman/listinfo/frugalware-devel