Dne 21. 01. 22 v 17:08 Roberto Sassu via devel napsal(a):
(note for the infrastructure mailing list: please check if the
changes
I'm proposing could be tested in the Fedora infrastructure, like Copr)
Copr does not use `rpmsign` at all. Copr uses `obs-sign` [1]. The benefits of obs-sign is
that you do not need to send
whole package to the signing machine and then back. You send just hash there and signature
back.
So to test this in Copr the --signverity has to be first implemented in obs-sign.
[1]
https://github.com/openSUSE/obs-sign
Miroslav