Should we still update the rocks in the repository in LuaRocks or begin
using MoonRocks from now on ?
---
Eric
2014-05-23 18:34 GMT-03:00 Hisham <h...@hisham.hm>:
> On 22 May 2014 14:02, Jack Lawson <ajacksif...@gmail.com> wrote:
> > I'm excited. One problem I've had when using NPM in production is that
> > packages are unsigned, and the ability to overwrite a package version can
> > cause security concerns.
>
> Ideally package versions should never be overwritten (we have revision
> suffixes for that: 1.0-1, 1.0-2, etc.), and only the module owner can
> post a new version/revision of a module in the main MoonRocks
> manifest.
>
> > Is there interest in implementing package signing?
>
> If anyone wants to implement it, the feature is welcome, but I don't
> want to make package signing mandatory.
>
> -- Hisham
>
>
> ------------------------------------------------------------------------------
> "Accelerate Dev Cycles with Automated Cross-Browser Testing - For FREE
> Instantly run your Selenium tests across 300+ browser/OS combos.
> Get unparalleled scalability from the best Selenium testing platform
> available
> Simple to use. Nothing to install. Get started now for free."
> http://p.sf.net/sfu/SauceLabs
> _______________________________________________
> Luarocks-developers mailing list
> Luarocks-developers@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/luarocks-developers
>
------------------------------------------------------------------------------
The best possible search technologies are now affordable for all companies.
Download your FREE open source Enterprise Search Engine today!
Our experts will assist you in its installation for $59/mo, no commitment.
Test it for FREE on our Cloud platform anytime!
http://pubads.g.doubleclick.net/gampad/clk?id=145328191&iu=/4140/ostg.clktrk
_______________________________________________
Luarocks-developers mailing list
Luarocks-developers@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/luarocks-developers
