Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

apt::source: Rename trusted_source. #452

Merged
merged 1 commit into from Mar 6, 2015
Merged

apt::source: Rename trusted_source. #452

merged 1 commit into from Mar 6, 2015

Conversation

daenney
Copy link

@daenney daenney commented Mar 5, 2015

It is weird that trusted_source would default to false as that would
imply that we normally don't trust our sources. This is opposite to the
truth, by default we trust them but only if the Releases file can be
verified (meaning it is signed by a GPG key known to apt).

What we were telling apt is that it should trust this source even if the
Releases file and the repository is unsigned. This is better captured
with allow_unsigned and better highlights the danger of what you're
doing, installing packages from a source we cannot authenticate.

@daenney
apt::source: Rename trusted_source.
90bade9 
It is weird that `trusted_source` would default to `false` as that would
imply that we normally don't trust our sources. This is opposite to the
truth, by default we trust them but only if the Releases file can be
verified (meaning it is signed by a GPG key known to apt).

What we were telling apt is that it should trust this source even if the
Releases file and the repository is unsigned. This is better captured
with `allow_unsigned` and better highlights the danger of what you're
doing, installing packages from a source we cannot authenticate.
underscorgan pushed a commit that referenced this pull request Mar 6, 2015
Merge pull request #452 from puppetlabs/daenney/rename-trusted-source
a8250ae 
apt::source: Rename `trusted_source`.
@underscorgan underscorgan merged commit a8250ae into next Mar 6, 2015
@underscorgan underscorgan added this to the 2.0 milestone Mar 6, 2015
@underscorgan
Copy link

Thanks @daenney !

@daenney daenney deleted the daenney/rename-trusted-source branch March 6, 2015 16:39
@LukasAud LukasAud added the bugfix label Jun 7, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
bugfix
Projects
None yet
Milestone
2.0
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@daenney @underscorgan @LukasAud