Jeremy Cline
Jeremy Cline
The new fedmsg-check command uses click (which is super nice) and it would be good to fix all the existing commands to use it as well.
At the moment, x509 signing has SHA1 hard-coded as the digest used in the signature. We should make this configurable. This requires that the message schema change to include the...
Currently both implementations of the x509 crypto use the common name field to get the publisher's name. We should use the SAN field. When moving, we need to make sure...
It doesn't make a whole lot of sense for a CA to require being periodically fetched from the Internet (via HTTPS, granted). If your CA is compromised you have a...
At the moment, each Python thread requires a ZeroMQ endpoint (e.g. 'tcp://127.0.0.1:9999'). This is added in the configuration file and both publishers and consumers need this configuration to work properly....
Sometimes the API uses ``dict`` objects, and sometimes it uses ``moksha.hub.zeromq.zeromq.ZMQMessage`` objects. See #462 for the issue this causes with respect to headers. We need to define what the API...
This is up for discussion, but I'd like to propose that we start migrating to a simpler configuration format. I think we can do this in a backwards-compatible way (where...
From the fmn development environment, inside ~/.fedmsg.d/: ``` (fmn) [vagrant@fmn-dev .fedmsg.d]$ python -c 'from fedmsg.config import load_config' Traceback (most recent call last): File "", line 1, in File "/home/vagrant/.virtualenvs/fmn/lib/python2.7/site-packages/fedmsg/__init__.py", line...
I did some digging and found fedmsg used to have schema support, but it was removed early on. I'd like to propose that we work towards adding them back. Here...
This came up during the addition of the crates.io backend (#414). crates.io has this feature where it's possible to "yank" updates, which causes the package manager to ignore that version...