Hacker News new | ask | show | jobs
by cordite 1494 days ago
Who will check the signatures when so few have signatures?

What dev thinks oh I can’t upgrade because of this error, stackoverflow says use this flag —disable-signature-verification so I do and now I can develop again
2 comments
flatiron 1494 days ago
Any place with a devops team would not disable that.
link
progval 1494 days ago
For what it's worth, Debian packagers check signatures when downloading from PyPI.
link