Page MenuHomeSolus

Systemd-manager
Closed, InvalidPublic

Description

Initial patch for Systemd-manager.

Currently there is still security risk, because current cargo version doesn't verify checksums.
Cargo verify checksums starting with version 0.13, so once updated it would be safe to use cargo packages.

Event Timeline

hjajet created this task.Nov 17 2016, 12:46 PM
JoshStrobl raised the priority of this task from Wishlist to Needs Triage.Nov 17 2016, 12:58 PM
JoshStrobl changed the edit policy from "All Users" to "Triage Team (Project)".
JoshStrobl removed subscribers: PhnxRbrn, ikey, JoshStrobl.
JoshStrobl triaged this task as Normal priority.Nov 23 2016, 2:58 AM
JoshStrobl moved this task from Backlog to Ready For Merge on the Patch Submission board.

git|https://github.com/mmstick/systemd-manager.git : a83a102ef918d0499a02da6a69ef113b7c82a160 needs to be changed to git|https://github.com/mmstick/systemd-manager.git : 1.0.0

+license     :
+    - GPL-3.0

Can be changed to license : GPL-3.0

Ok, updated:

Currently there is still security risk, because current cargo version doesn't verify checksums.

So why is it being merged then?

Once T1718: Update Cargo to 0.13.0 is merged there is no security risk.
This patches should not be merged before.

hjajet added a subscriber: ikey.Dec 3 2016, 5:57 PM

Cargo is 0.13.0 now, so there should not be any security risk.
Only problem may be that dependencies are downloaded during setup.
@ikey Is it OK to package cargo-based projects by this way?

hjajet added a comment.Dec 9 2016, 4:56 PM

Patch to make it build with solbuild.

Unknown Object (User) awarded a token.Mar 9 2017, 11:03 AM
DataDrake closed this task as Invalid.Mar 15 2018, 3:50 PM