Hi Reinhard,
absolutely no worries at all! Huge thanks on all your work and sorry for not
being more responsive. I can only manage some "debian time" in between "real
life" blocks, so a lot falls through the cracks :(
Cheers
Leo
--- Original Message ---
On Wednesday, July 19th, 2023
Hi Leo,
I hope you are well. Now that all dependencies to build this package are
in place, I've taken the liberty of uploading the package to
debian/experimental and pushed my sources to
https://salsa.debian.org/go-team/packages/golang-github-sigstore-sigstore
I really don't want this to be seen
On Thu, Apr 13, 2023 at 6:46 AM Reinhard Tartler wrote:
>
> -- unfortunately, I made a mistake: I packaged version 3 of
> jellydator-ttlcache, which has a significantly different API than version2,
> which sigstore currently uses.
>
> I'm considering either downgrading the package, or making
On Wed, Apr 12, 2023 at 3:53 PM Leo Antunes wrote:
> Sorry for the late reply. My laptop decided it was a good time to break,
> so I'll have even less time to work on this in the next few days/weeks :/
>
> --- Original Message ---
> On Sunday, March 26th, 2023 at 22:07, Reinhard Tartler
Sorry for the late reply. My laptop decided it was a good time to break, so
I'll have even less time to work on this in the next few days/weeks :/
--- Original Message ---
On Sunday, March 26th, 2023 at 22:07, Reinhard Tartler
wrote:
> Sounds good.
>
> I'm happy to take on the easier
Sounds good.
I'm happy to take on the easier dependencies, such as pkg/browser or
jellydator/ttlcache.
But the dependency on boulder is giving me a massive headache. It is really
unfortunate that they chose to use such a heavy dependency for a rather
simple task (goodkey). What are your thoughts
Hi Reinhard,
It seems I underestimated the work and overestimated by free time: we need some
bumps for deps (e.g. golang-github-azure-azure-sdk-for-go-dev) and maybe some
patching to get rid of other deps (e.g. github.com/letsencrypt/boulder), if we
can manage that.
OTOH, I see you already
seems https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022937 was
accepted. Any update on sigstore packaging?
On Fri, Jan 20, 2023 at 9:47 AM Reinhard Tartler wrote:
> Awesome, thanks for the update!
>
> Skimming over the sources of sigstore, it seems to me that the awk-sdk
> might be easy to
Awesome, thanks for the update!
Skimming over the sources of sigstore, it seems to me that the awk-sdk
might be easy to disable with minor surgery. Would you be open to uploading
a sigstore package to NEW with the aws functionality disabled and re-enable
it as soon as the awk package becomes
Hi Reinhard!
I think this changed a bit in the meantime: now the sigstore project has mostly
shared lib code, while the individual commands (rekor, fulcio, gitsign, etc)
are all in separate repos. So I expect this library to not be THAT difficult to
package (the next one on my list is rekor -
Hi Leo,
Thank you so much for your interest in packaging this! -- I've noticed that
it is a dependency of containers/image for image signing, and have looked
at this package before. Unfortunately, I got intimidated with the sheer
number of unpackaged dependencies that it requires. Maybe this has
Package: wnpp
Severity: wishlist
Owner: Leo Antunes
* Package name: golang-github-sigstore-sigstore
Version : 1.5.1-1
Upstream Author : The Sigstore Authors
* URL : https://github.com/sigstore/sigstore
* License : Apache-2.0
Programming Lang: Go
12 matches
Mail list logo