top | item 11345845

(no title)

raesene4 | 10 years ago

for NPM? As far as I'm aware it's not even an available feature. None of rubygems/PyPi/NuGet require digital signatures...

What repositories were you thinking of that do require that?

discuss

pvg|10 years ago

NPM doesn't. Maven does. Debian has authentication of the repository itself.

raesene9|10 years ago

yep the linux repositories are generally way ahead of the programming language lib ones in this regard (evidently with the exception of Maven), one of the reasons that it's a shame to see newer ones not learn the lessons that previous repo's have on security