New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Require switch on unofficial build #36

Closed
ferventcoder opened this Issue Jan 20, 2015 · 3 comments

Comments

Projects
None yet
3 participants
@ferventcoder
Member

ferventcoder commented Jan 20, 2015

The default one in the repository is for building source. If built in release mode, require a special switch to run --allow-unofficial-build or something like that.

When choco.exe detects that it is not using the official
publickeytoken, throw an error requiring an explicit override (this is
already overridden in debug builds). When AllowUnofficialBuild (--allow-unofficial-build) flag is
set to true, log a very important warning so that folks can receive
clues that the state of their system may be compromised.

@ferventcoder ferventcoder self-assigned this Jan 20, 2015

@ferventcoder ferventcoder added this to the 0.9.9 milestone Jan 20, 2015

ferventcoder added a commit that referenced this issue Jan 25, 2015

(GH-36) Add official publickeytoken
Add official publickeytoken to application parameters. Adjust .uppercut
to search for an environment variable containing the official key
location

ferventcoder added a commit that referenced this issue Jan 25, 2015

(GH-36) check for official public key
When choco.exe detects that it is not using the official
publickeytoken, throw an error requiring an explicit override (this is
already overridden in debug builds). When AllowUnofficialBuild flag is
set to true, log a very important warning so that folks can receive
clues that the state of their system may be compromised.

@ferventcoder ferventcoder added 3 - Done and removed 0 - Backlog labels Jan 25, 2015

@gep13

This comment has been minimized.

Show comment
Hide comment
@gep13

gep13 Jan 25, 2015

Member

Very cool! 👍

Member

gep13 commented Jan 25, 2015

Very cool! 👍

@ferventcoder ferventcoder changed the title from Check for proper public key to Require switch on unofficial build Jan 30, 2015

@smurawski

This comment has been minimized.

Show comment
Hide comment
@smurawski

smurawski Jan 30, 2015

👍 👍 Yay for security and yay for being able to build without the "official" key for testing purposes (without having to do a bunch of modifications that make pull requests suck).

smurawski commented Jan 30, 2015

👍 👍 Yay for security and yay for being able to build without the "official" key for testing purposes (without having to do a bunch of modifications that make pull requests suck).

@ferventcoder

This comment has been minimized.

Show comment
Hide comment
@ferventcoder

ferventcoder Jan 30, 2015

Member

most of that brought to you by this - 59ba8f6

Member

ferventcoder commented Jan 30, 2015

most of that brought to you by this - 59ba8f6

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment