2Nis
Does GUIX provide cryptographic authentication and integrity validation?
Does the GNU GUIX
package manager in require successful cryptographic authentication and integrity validation for all packages?
I know that software downloaded with apt-get
packages must be cryptographically verified because the repo's manifest files (synced with apt-get update
) are cryptographically signed.
But what about guix
?
Does guix
require valid signatures from a pinned set of keys on all packages by default?