[02:16:36]
<Yunohost Git/Infra notifications> [yunohost_demo] @yalh76 created new branch bullseye
[02:16:37]
<Yunohost Git/Infra notifications> [yunohost_demo] @yalh76 pushed 1 commit to bullseye: Update demo_lxc_build.sh https://github.com/YunoHost/yunohost_demo/commit/a9a044a6cc96be8f7d60b7778625ca0badcd92f0
[02:16:58]
<Yunohost Git/Infra notifications> [yunohost_demo] @yalh76 opened pull request #7: Switch demo to Bullseye https://github.com/YunoHost/yunohost_demo/pull/7
[13:47:50]
<MayeulC> It would be nice to be able to provide a keyfile when adding repos, I think that would be more secure against websites being defaced: https://github.com/YunoHost/yunohost/blob/b49e1bad53e49971cbb96768dc191d42fba15a13/helpers/apt#L428
[14:53:48]
<Aleks> uuuuh wat
[14:54:15]
<Aleks> MayeulC: you mean the `--key` arg of the helper you just linked ? x_x
[14:54:18]
<Aleks> how does that relates to websites being defaced ...?
[14:54:37]
<MayeulC> That takes a url
[14:55:12]
<MayeulC> If a malicious entity takes control of the website, they can both upload a malicious package and a signature they control
[14:55:32]
<MayeulC> So it completely undermines the idea of a signature in the first place
[14:56:15]
<MayeulC> Since the only guarantee is client-to-server authenticity, and that's already provided by https...
[14:59:17]
<Aleks> hmyeah or fetching the key from a keyserver instead of the ustream
[20:18:35]
<Yunohost Git/Infra notifications> [yunohost] @yunohost-bot opened pull request #1498: Translations update from Weblate https://github.com/YunoHost/yunohost/pull/1498