Initially APK would sign packages and package index and verify
signatures individually. With the latest change, all packages inside a
trusted index are automatically trusted.
This is important within the OpenWrt eco-system since signing the index
happens on another machine than the package creation.
Signed-off-by: Paul Spooren <mail@aparcar.org>
PKG_SOURCE_URL=https://gitlab.alpinelinux.org/alpine/apk-tools.git
PKG_SOURCE_PROTO:=git
-PKG_SOURCE_DATE:=2024-05-23
-PKG_SOURCE_VERSION:=6052bfef57a81d82451b4cad86f78a2d01959767
-PKG_MIRROR_HASH:=bf14da82cc363ee32a956dd880343018361079018a48701dc2b05cb88c18010e
+PKG_SOURCE_DATE:=2024-08-06
+PKG_SOURCE_VERSION:=54caa31be633efc5f655700b77af290124f71689
+PKG_MIRROR_HASH:=f3be762deac4f1469a4a2839691175e78019cb44295089befafa279a3390067c
PKG_VERSION=3.0.0_pre$(subst -,,$(PKG_SOURCE_DATE))