[Mageia-discuss] How did i tell to urpmi.addmedia that a repo not have pubkey?

José Alberto Valle Cid j.alberto.vc at gmail.com
Sat May 26 19:54:04 CEST 2012


> Why not?

We are some lazy :P , but i start to work to simplify the job :)

> Signing is the only way for your users to verify that the packages actually comes from you, and haven't been tampered with.
> I would not use any repo which didn't use signatures, and I suspect I'm not alone in this.


I understand that, but we use in our computers the packages that we
build and we test as good as we can (lack time is our main enemy) and
if there is something that we don't see and a user report we fix as
quick as can


More information about the Mageia-discuss mailing list