Metadata signing
Created by: xTibor
The package metadata and the repo.toml
files are not signed and verified before use. Malicous/breached repo mirrors could exploit this problem.
Related: #23
Created by: xTibor
The package metadata and the repo.toml
files are not signed and verified before use. Malicous/breached repo mirrors could exploit this problem.
Related: #23