Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

(Low priority) Additionally offer signed _component_ pkgs #11

Open
arubdesu opened this issue Mar 5, 2024 · 2 comments
Open

(Low priority) Additionally offer signed _component_ pkgs #11

arubdesu opened this issue Mar 5, 2024 · 2 comments
Labels
help wanted Extra attention is needed

Comments

@arubdesu
Copy link

arubdesu commented Mar 5, 2024
edited
Loading

Unpacking the distribution package like the autopkg recipe (somewhat intuitively) breaks the pkg signing, adding distribution overhead when e.g. only a single component has been updated or orgs are rebranding the Managed Software Center app.
Offering signed pkgs for each component would just be a nice-to-have, the signed/notarized contained executables are way more important, but I would use e.g. the python flavor if available
@gregneagle
Copy link
Collaborator

This seems a big ask.

@erikng erikng added the help wanted Extra attention is needed label Mar 5, 2024
@erikng
Copy link
Member

erikng commented Mar 5, 2024

I won't personally be doing this, but PRs welcome.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
help wanted Extra attention is needed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@arubdesu @gregneagle @erikng