sign snapshots and nightly builds with a low trust buildbot key #13181
Comments
matthiaskrgr
pushed a commit
to matthiaskrgr/rust
that referenced
this issue
Sep 13, 2022
fix: sort all bounds on trait object types Fixes rust-lang#13181 rust-lang#12793 allowed different ordering of trait bounds in trait object types but failed to account for the ordering of projection bounds. I opted for sorting all the bounds at once rather than splitting them into `SmallVec`s so it's easier to do the same thing for other bounds when we have them.
flip1995
pushed a commit
to flip1995/rust
that referenced
this issue
Aug 8, 2024
… r=llogiq Use a single multipart suggestion for `implicit_hasher` The second commit individually shows the diagnostic change ---- changelog: none
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
These should still be signed, even though a truly trusted key can't be used as there's no human involved in the process. With TLS alone, there's trust that every CA able to issue
orgcertificates is not malicious/incompetent. It would be nice to have another way of verifying the authenticity of a snapshot, as we can with the release tarballs themselves.The text was updated successfully, but these errors were encountered: