package conex

  1. Overview
  2. Docs

Parameters

Signature

val verify_id : Conex_io.t -> Conex_repository.t -> Conex_resource.identifier -> (Conex_repository.t, string) Stdlib.result

verify_id io repo id reads id from io unless id is already part of repo. The read data will either be a team or an author. If verification is successful, resource and identitiy data are added to repo.

val verify_ids : ?ids:Conex_utils.S.t -> Conex_io.t -> Conex_repository.t -> (Conex_repository.t, string) Stdlib.result

verify_ids ~ids io repo folds over ids (default: all ids present on io), calling verify_id.

val verify_janitors : ?valid:(Conex_resource.identifier -> Conex_resource.Digest.t -> bool) -> Conex_io.t -> Conex_repository.t -> (Conex_repository.t, string) Stdlib.result

verify_janitors ~valid io repo reads the team "janitors" from io, and all its team members. It verifies in two steps: first it uses only those public keys which fingerprints are valid. If successful, in a second step the resulting repository is used to verify the remaining janitors, followed by verification of the janitor team.

val verify_package : ?ignore_missing:bool -> Conex_io.t -> Conex_repository.t -> Conex_resource.name -> (Conex_repository.t, string) Stdlib.result

verify_package ~ignore_missing io repo name reads and verifies the authorisation of the package name. All ids who are authorised are loaded into the repository (using verify_ids). The package data for name is read and verified, followed by all releases. Each release is read and verified. If ignore_missing is true, packages with missing authorisations or package indexes are ignored.

val verify_diff : ?ignore_missing:bool -> Conex_io.t -> Conex_repository.t -> string -> (Conex_repository.t, string) Stdlib.result

verify_diff ~ignore_missing io repository patch first parses the patch and applies it. The key fingerprints ofjanitors in repository are used to validate the janitors team of the repository with applied patch. All identifiers and packages of the repository with patch applied are verified, and additionally all modified resources have their monotonicity verified. If ignore_missing is true, packages with missing authorisations and package indexes are ignored.

OCaml

Innovation. Community. Security.