Currently, we always act as if a (previously non-existent) --force option was specified: we never check existing local manifests for expiration and always call the backend on sync.
It's desirable to make this forced sync an opt-in instead: if an existing local manifest hasn't expired, assume it's valid. If it was tampered with, the tool/library can determine that upon reading it with full validation using the sponsorable public token.
In order to make the non-forced run as fast as possible, we don't even fetch the issuer manifest to get the public key for validation by default, unless the --validate option is specified too.
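The decision described above, as an added Python sketch that is not the project's own code. It assumes the local manifest is a compact JWT-style token with an `exp` claim in epoch seconds; `plan_sync`, `unverified_exp` and `make_token` are hypothetical names, and the tokens are constructed samples.

```python
import base64
import json
import time

def unverified_exp(manifest):
    """Read exp (epoch seconds) WITHOUT any signature check; None if unusable."""
    try:
        payload = manifest.split(".")[1]
        payload += "=" * (-len(payload) % 4)        # restore base64url padding
        exp = json.loads(base64.urlsafe_b64decode(payload))["exp"]
    except (AttributeError, IndexError, KeyError, TypeError, ValueError):
        return None                                  # malformed or missing claim
    if isinstance(exp, bool) or not isinstance(exp, (int, float)):
        return None
    return exp

def plan_sync(manifest, now, force=False, validate=False):
    """Pick the action for one local manifest.

    "backend":           call the backend (forced, or manifest missing/expired)
    "local-validated":   keep the local copy, fetch the issuer key and verify it
    "local-unvalidated": keep the local copy as a cache hit, no network at all
    """
    exp = unverified_exp(manifest)
    if force or exp is None or not exp > now:
        return "backend"
    # exp is unauthenticated here: an edited value only delays the refresh.
    # Trust is decided later, when the consumer reads the manifest with full
    # signature validation.
    return "local-validated" if validate else "local-unvalidated"

def make_token(claims):
    """Build a constructed sample token; the signature segment is a dummy."""
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return f"{enc({'alg': 'RS256'})}.{enc(claims)}.constructed-signature"

if __name__ == "__main__":
    now = int(time.time())
    samples = {
        "fresh": make_token({"exp": now + 3600}),
        "expired": make_token({"exp": now - 1}),
        "garbage": "not-a-token",
    }
    for name, token in samples.items():
        print(name, plan_sync(token, now), plan_sync(token, now, validate=True))
```

Anything that cannot be parsed falls through to the backend call, so a corrupted local file costs a refresh rather than being treated as current.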