Feature #30594: Allow packages to be signed - Core - TYPO3 Forge

Core Indexed Search Linkvalidator Release Cycles Team Resources Workspaces & Versioning TYPO3 CMS Usability Team Community Extensions Distributions Feature-Requests TYPO3 6.2 Projects (+)(Archived Projects)

Feature #30594

Allow packages to be signed

Added by Stefan Neufeind almost 4 years ago. Updated 7 months ago.

Status:

Closed

Start date:

2011-10-06

Priority:

Should have

Due date:

Assigned To:

% Done:

Category:

Extension Manager

Spent time:

Target version:

7.3 (Packages)

PHP Version:

Sprint Focus:

Complexity:

Description

This will require changes to:

Extension-archives (allow them to be signed)
- either using an external signature (easier to integrate with current packages
- or using an internal signature (will require changes to package-format)
Extension-manager (configuration/verification of signatures; optional per repository)
Extension-repository (automatically sign packages uploaded to the official TYPO3-repository)

History

#1 Updated by Stefan Neufeind almost 4 years ago

This will help ensure that extensions (from the official repository or from a local repository) are unmodified. This will help validate integrity especially for the use of unsecure communication (http) or the use of (potentially unreliable) mirror-servers.

#2 Updated by Mathias Schreiber 8 months ago

Category set to Extension Manager

#3 Updated by Mathias Schreiber 7 months ago

Target version set to 7.3 (Packages)

#4 Updated by Mathias Schreiber 7 months ago

Status changed from New to Closed

Taken into account in #63909.
The issues are not linked on purpose, so the refactoring ticket does not get bloated with relations.

Also available in: Atom PDF

Core

Issues

Custom queries

Watchers (1)