Simply said, the binary products are signed by the build farm but
nothing else is. (commits, etc.)
--Vladimir
smime.p7s
Description: S/MIME Cryptographic Signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
There's also some discussion on the scope of signatures here:
https://github.com/NixOS/nix/issues/613
On Mon, Mar 28, 2016 at 9:15 AM, Thomas Hunger wrote:
> The manual has some info:
>
> https://nixos.org/nix/manual/#operation-generate-binary-cache-key
>
> It's a fairly
The manual has some info:
https://nixos.org/nix/manual/#operation-generate-binary-cache-key
It's a fairly straight forward private / public signing scheme.
There's an example on how to verify integrity in the manual as well:
https://nixos.org/nix/manual/#examples-23
~
On 28 March 2016 at
Hi,
How is package signing this done by nix and how does it work for nixpkgs/nixos?
I'm searching for resources on this because of my bachelors thesis and I'm not
quite sure nix already does signing and the like.
So all the "big" package managers (apt, yum, pacman,...) do some gpg foo to sign