Some changes in the configuration should lead to an updated provider-metadata.json.
Right now it can only be done manually.
One example is if a new OpenPGP keypair is used and the old public key should be kept accessible
because old advisories will not be resigned.
technical considerations
To have more dynamic here means to parse and potentially update the existing files.
It needs a better understanding when this shall happen and what of the
functions shall be exposed via the api.
Grown from #168 :
Some changes in the configuration should lead to an updated
provider-metadata.json. Right now it can only be done manually.One example is if a new OpenPGP keypair is used and the old public key should be kept accessible because old advisories will not be resigned.
technical considerations
To have more dynamic here means to parse and potentially update the existing files. It needs a better understanding when this shall happen and what of the functions shall be exposed via the api.