[ocaml-platform] OPAM: signing the repository
hannes at mehnert.org
Fri Jun 5 13:45:10 BST 2015
-----BEGIN PGP SIGNED MESSAGE-----
On 06/05/2015 13:32, Daniel Bünzli wrote:
> Here are a few comments.
> * It seems to me that you introduce the concepts of "developer",
> "package maintainer" and "author" which are all the same. It would
> be clearer if a single name was kept and used consistently.
> * I'm not sure that "Date is in the ISO 8601 standard" is what you
> actually want as this is an incredibly flexible standard to
> represent date and time (e.g. you can use a year, week number and
> week day). What you are likely meaning is that the date is in the
> RFC 3339 standard, a sane subset of the ISO 8601 standard.
> * Wouldn't it be better to bring the compiler-as-package work to an
> end before doing this so that you don't have to special case for
> them (and thus reduce the complexity, attack surface, etc.) ?
Thanks. You're right on all three points. Sorry for the inconsistency.
I haven't looked too deeply into the compiler-as-package or how
compilers are handled by opam atm (and hope Louis or someone else will
have a good idea how to deal with that).
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
-----END PGP SIGNATURE-----
More information about the Platform