suzanne.soy/nixpkgs
1
0
Fork 0
Code Issues Pull Requests 2 Actions Packages Projects Releases Wiki Activity

nix.requireSignedBinaryCaches: description fix

Browse Source 
(cherry picked from commit a227bd4e3b)

[Bjørn: The description says the default is "disabled" (wrong).]
This commit is contained in:
Al Zohali 2016-03-07 22:48:14 +03:00 committed by Bjørn Forsman
parent 17a777c8ed
commit 057421e8e2
1 changed files with 5 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
nixos/modules/services/misc/nix-daemon.nix
View File

@ -257,13 +257,11 @@ in
type = types.bool;
default = true;
description = ''
If enabled, Nix will only download binaries from binary
caches if they are cryptographically signed with any of the
keys listed in
<option>nix.binaryCachePublicKeys</option>. If disabled (the
default), signatures are neither required nor checked, so
it's strongly recommended that you use only trustworthy
caches and https to prevent man-in-the-middle attacks.
If enabled (the default), Nix will only download binaries from binary caches if
they are cryptographically signed with any of the keys listed in
<option>nix.binaryCachePublicKeys</option>. If disabled, signatures are neither
required nor checked, so it's strongly recommended that you use only
trustworthy caches and https to prevent man-in-the-middle attacks.
'';
};