Maybe this is non-trivial, but just throwing out the idea: It would be nice if it was possible to pull in the functionality for reading and verifying signatures RPMs without pulling in the code necessary to create or sign them. A significant number of use cases involve read-only or write-only interactions with RPM packages rather than doing both at once.
Unless that functionality is trivial compared to the core code which would be needed for all operations.
Maybe this is non-trivial, but just throwing out the idea: It would be nice if it was possible to pull in the functionality for reading and verifying signatures RPMs without pulling in the code necessary to create or sign them. A significant number of use cases involve read-only or write-only interactions with RPM packages rather than doing both at once.
Unless that functionality is trivial compared to the core code which would be needed for all operations.