Blog Entries

02. 04. 2021 Andrea Avancini NetEye

Signing NetEye RPMs

When you have to publicly release software like we do with NetEye every two months, it’s fundamental that users can verify that software: in our case that the RPMs that we build come from us and not from someone who pretends to be us, that they have not been tampered with, and that they do…

Read More
02. 04. 2021 Alessandro Valentini NetEye

RPM Package Verification

Why it’s important to use signed packages RPM signing is an often underestimated feature: you use official repositories, why shouldn’t you trust them? Those repositories are also probably protected with TLS encryption, so you feel safe against man-in-the-middle attacks. But you may not be as safe as you think you are. Have you heard about that time when the repository…

Read More
23. 12. 2020 Thomas Forrer Development, NetEye

Adopting Pulp 2: A Migration Journey #2

In the previous chapter of this blog post series, we discussed how Würth Phoenix has recently adopted Pulp as its main repository management platform. To briefly recap, Pulp is a free and open-source platform for managing repositories of software packages and artifacts and making them available to a larger audience. The types of packages and…

Read More