Rob
So similar to git-bisect sort of?
On this subject, https://sigstore.dev/what_is_sigstore/ could be interesting to keep an eye on.
This might also be related to #38, and to a lesser degree, #1074.
@rugk It is not. Everything we do is totally insecure and will explode in our faces any day now. Any day now... On a serious note though; security is nice...
@paragonie-scott every plugin is enabled by default, if you install it.
@rugk Unfortunately, we (@composer team) have only limited experience in regards to security as far as this topic goes. Hence, it is low priority for us personally. We are open...
Isn't that part of the implementation? :p
On this subject, https://sigstore.dev/ could also be interesting to keep an eye on.
Was fiddling around a bit, bit couldn't manage to get it working. Using the following bash script as a wrapper for running php inside a docker container and configuring it...
I know, I was just exploring the possibility of what it would take to submit a PR that could enable this functionality. So far, the amount of changes is rather...