[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#66369: Change package-check-signature default to t
From: |
Stefan Kangas |
Subject: |
bug#66369: Change package-check-signature default to t |
Date: |
Fri, 6 Oct 2023 09:32:34 +0000 |
Severity: wishlist
I propose to change the default of `package-check-signature' to t when
gpg is available.
Previous discussion here:
https://lists.gnu.org/r/emacs-devel/2023-02/msg00680.html
The current default is `allow-unsigned', which is about as useful for
security purposes as if it was nil. But if the default is t, users will
be forced to have OpenPGP installed.
In the above discussion, Eli suggested:
> We could also display a warning, once, when we detect that OpenPGP is
> not available and set the value to allow-unsigned. This way the user
> is alerted to the problem and can take action to fix it.
I'd add that we could also prompt in this situation, perhaps something
along the lines of:
"No working PGP installation detected; install package(s) without
verifying signature (unsafe)? (y/n)"
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- bug#66369: Change package-check-signature default to t,
Stefan Kangas <=