PEAR Package Release Protocol RFC
Summary: Adding a command to pyrus to release packages through a supporting pear channel.
ala - pyrus push MyPackage-x.x.x.tgz
I'd like a new protocol added to the channels that would indicate if a channel supported remotely pushing releases. This would be in the channel.xml file and would be indicated by something like
<releaseupload> <baseurl type="RELEASEUPLOAD1.0">http://pear2.php.net/push</baseurl> </releaseupload>
Finer points, The ticket issuing would allow the channel to make a decision if that user can release the specified package either by checking a list of admins, or existing package leads.
The openssl encryption seems like a good way to handle releases. Storing the public keys on the channel would be necessary.
Tickets expire quickly, are random, and are good only once.