mirrors/brew
1
0
Fork 0
mirror of https://github.com/Homebrew/brew.git synced 2025-07-14 16:09:03 +08:00
Code Issues Packages Projects Releases Wiki Activity

fixup comment

Browse Source
This commit is contained in:
Joseph Sweeney 2024-04-30 10:52:36 -04:00
parent 9fff688bbe
commit 3ccc6b2521
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
Library/Homebrew/attestation.rb
View File

@ -121,9 +121,9 @@ module Homebrew
# We don't pass in a signing workflow for backfill signatures because # We don't pass in a signing workflow for backfill signatures because
# some backfilled bottle signatures were signed from the 'backfill' # some backfilled bottle signatures were signed from the 'backfill'
# branch, and others from 'main', so the signing workflow is slightly # branch, and others from 'main' of trailofbits/homebrew-brew-verify
# different which causes some bottles to incorrectly fail when checking # so the signing workflow is slightly different which causes some bottles to incorrectly
# their attestation. This shouldn't meaningfully affect security # fail when checking their attestation. This shouldn't meaningfully affect security
# because if somehow someone could generate false backfill attestations # because if somehow someone could generate false backfill attestations
# from a different workflow we will still catch it because the # from a different workflow we will still catch it because the
# attestation would have been generated after our cutoff date. # attestation would have been generated after our cutoff date.