Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Provide faster feedback to package author when uploaded package does not match signature requirements #6181

Closed
joelverhagen opened this issue Jul 18, 2018 · 1 comment
Closed

Provide faster feedback to package author when uploaded package does not match signature requirements #6181

joelverhagen opened this issue Jul 18, 2018 · 1 comment
Assignees
@joelverhagen
Labels
Verified-Dev Verified-Int Verified-Prod
Milestone
S139 - 2018.07.23

Comments

@joelverhagen
Copy link
Member

@joelverhagen commented on Tue Jul 17 2018

When a package must be signed, we can quickly reject an unsigned version by checking for the presence of a signature file.

When a package must not be signed, we can quickly reject a signed version by checking for the presence of a signature file.

Both operations are safe to be done in gallery process.

@joelverhagen commented on Tue Jul 17 2018

I need text for both cases and for both the upload flow and the command line push flow.

/cc @anangaur
@joelverhagen joelverhagen mentioned this issue Jul 18, 2018
Closed
@joelverhagen joelverhagen added this to the S138 - 2018.07.02 milestone Jul 18, 2018
@joelverhagen joelverhagen self-assigned this Jul 18, 2018
@joelverhagen joelverhagen mentioned this issue Jul 23, 2018
Merged
joelverhagen added a commit that referenced this issue Jul 23, 2018
@joelverhagen
Add IsSigningAllowed method (#6199)
c878ae0 
Progress on #6181
@joelverhagen
Copy link
Member Author

joelverhagen commented Jul 23, 2018
edited
Loading

Proposed strings for both web UI and command line.

When publishing an unsigned package and signing is required:

This package must be signed with a registered certificate.

When publishing a signed package and no certificate is configured.

The package was signed. You must register the signing certificate to publish signed packages.

@anangaur?

@joelverhagen joelverhagen mentioned this issue Jul 25, 2018
Merged
joelverhagen added a commit that referenced this issue Jul 26, 2018
@joelverhagen
Reject packages that don't meet the owner/ID signing requirements (#6210
c2c34de 
)

Address #6181
joelverhagen added a commit that referenced this issue Jul 26, 2018
@joelverhagen
Reject packages that don't meet the owner/ID signing requirements (#6210
320a80e 
)

Address #6181
joelverhagen added a commit that referenced this issue Jul 30, 2018
@joelverhagen
Reject packages that don't meet the owner/ID signing requirements (#6210
50f4335 
)

Address #6181
This was referenced Jul 30, 2018
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@joelverhagen joelverhagen

Labels
Verified-Dev Verified-Int Verified-Prod
Projects
None yet
Milestone
S139 - 2018.07.23
Development

No branches or pull requests
2 participants
@joelverhagen @skofman1