Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Discussion: Please obey Debian's policy when adding repository #24

Open
ghost opened this issue May 14, 2021 · 2 comments
Open

Discussion: Please obey Debian's policy when adding repository #24

ghost opened this issue May 14, 2021 · 2 comments
Labels
discussion

Comments

@ghost
Copy link

ghost commented May 14, 2021
edited by ghost
Loading

Debian had a policy for add third-party repositories,it can be found at Debian Wiki.
This repository has violated this policy in a number of ways,include:

  • use not recommended command to add key(See apt-key(8))
  • sources.list entry not have signed-by option set
  • not use apt pinning.

I suggest that fix them to obey Debian's policies and provide better security for users.
@ghost ghost added the discussion label May 14, 2021
@coslyk
Copy link
Owner

coslyk commented May 14, 2021

Thanks for your information. I am not sure if this repository obeys the policies because the script for adding repository is provided by the hosting service (Cloudsmith), which is their recommended way. See https://cloudsmith.io/~debianopt/repos/debianopt/setup/#formats-deb

You may contact Cloudsmith to submit the issues :)

@ghost
Copy link
Author

ghost commented May 14, 2021

Thanks for your reply.I have contact Cloudsmith to submit this issue,I think it's a wrong of Cloudsmith.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
discussion
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@coslyk