You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
One thing we could consider here too is using a Rust RPM parser as a "pre-sanitizer" that validates the GPG signature etc. And perhaps we pass the whole thing off again to rpm2archive if that succeeds. Or, we could optimistically extract at least large files from the parsed data into e.g. O_TMPFILE objects ready to link into the ostree repo, plus one more memfd holding all the smaller files?
Let's use
/usr/bin/rpm2archive
in our importer. Among other things it's maintained by the RPM team.TODO:
rpm2archive --keyring-fd <fd> --import-fd <fd>
The text was updated successfully, but these errors were encountered: