bogus File.can_be_signed method returns True for each xpi file

RESOLVED FIXED in 2015-04

Status

addons.mozilla.org Graveyard
Admin/Editor Tools
RESOLVED FIXED
3 years ago
3 years ago

People

(Reporter: magopian, Assigned: magopian)

Tracking

unspecified
2015-04
x86
Mac OS X

Details

(Whiteboard: [qa-])

(Assignee)

Description

3 years ago
We only want to sign extensions, not all the files that have a ".xpi" extension. For example, complete themes also use the ".xpi" extension, but shouldn't be signed.

STR:
1/ submit a complete theme
2/ grant it a review (full or preliminary)
3/ download the file, unzip it
4/ verify that it's signed (but it shouldn't): there's the three files zigbert.sf, zigbert.rsa and manifest.mf in the META-INF folder
(Assignee)

Comment 1

3 years ago
PR: https://github.com/mozilla/olympia/pull/471
Assignee: nobody → mathieu
(Assignee)

Comment 2

3 years ago
Fixed in https://github.com/mozilla/olympia/commit/2845a406ae393a4c14a7c71dc82fe6ccafdc2294
Status: NEW → RESOLVED
Last Resolved: 3 years ago
Resolution: --- → FIXED
(Assignee)

Updated

3 years ago
Whiteboard: [qa-]
Product: addons.mozilla.org → addons.mozilla.org Graveyard
You need to log in before you can comment on or make changes to this bug.