nix.settings.require-sigs
If enabled (the default), Nix will only download binaries from binary caches if
they are cryptographically signed with any of the keys listed in
nix.settings.trusted-public-keys. If disabled, signatures are neither
required nor checked, so it's strongly recommended that you use only
trustworthy caches and https to prevent man-in-the-middle attacks.
- Type
boolean- Default
true- Declared
- <nix-darwin/modules/nix>