libraries: make a release

Question

libraries: make a release

tasn opened this issue 8 months ago · comments

Tom Hacohen commented 8 months ago

We need to make a release of the libraries

Pavan Kumar Sunkara · Answer 1 · Fri Dec 08 2023 11:43:52 GMT+0800 (China Standard Time)

Would probably need to name the libraries to specify that they only do verification.

Tom Hacohen · Answer 2 · Fri Dec 08 2023 11:46:57 GMT+0800 (China Standard Time)

They also do signing. How would you recommend they should be named? The plan was standard webhooks.

Pavan Kumar Sunkara · Answer 3 · Sat Dec 09 2023 03:43:40 GMT+0800 (China Standard Time)

Wouldn't different codebases use those functions? Signing by producer, verifying by the consumer? Small modular libraries are much more preferable similar to how opentelemetry org does things.

Tom Hacohen · Answer 4 · Sat Dec 09 2023 05:09:24 GMT+0800 (China Standard Time)

The code has a lot of overlap, and the same dependencies (cryptography library), so I don't necessarily think splitting it is that useful. On the other hand it saves a lot of operational complexity not having yet another set of libraries.