Commits

Daniel Holth  committed f2dee57

'wheel verify' help

  • Participants
  • Parent commits 3dec03e

Comments (0)

Files changed (2)

File wheel/signatures/__init__.py

     
     Caller must decide whether the keys are actually trusted."""
     get_ed25519ll()    
-    # XXX forbid duplicate keys in JSON input
+    # XXX forbid duplicate keys in JSON input using object_pairs_hook
     encoded_headers = jwsjs["headers"]
     encoded_payload = binary(jwsjs["payload"])
     encoded_signatures = jwsjs["signatures"]

File wheel/tool/__init__.py

     wf.zipfile.close()
 
 def verify(wheelfile):
-    """Verify a wheel."""
+    """Verify a wheel.
+    
+    The signature will be verified for internal consistency ONLY and printed. 
+    Wheel's own unpack/install commands verify the manifest against the
+    signature and file contents.
+    """
     wf = WheelFile(wheelfile)
     sig_name = wf.distinfo_name + '/RECORD.jws'
     sig = json.loads(native(wf.zipfile.open(sig_name).read()))
     
     def verify_f(args):
         verify(args.wheelfile)
-    verify_parser = s.add_parser('verify', help='Verify signed wheel')
+    verify_parser = s.add_parser('verify', help=verify.__doc__)
     verify_parser.add_argument('wheelfile', help='Wheel file')
     verify_parser.set_defaults(func=verify_f)