DPM Config Files
dpm.config files are yaml format files which store the location of the package cache, along with the registered sources.
The default config file lives in %APPDATA%\.dpm\dpm.config.yaml - it will be created when first accessed.
Most dpm cli commands have a -configFile option. If that is not specified, then dpm will look for a dpm.config file in the current folder. If that is not found, then the default config file will be used.
Example
yaml
packageCacheLocation: "C:\\Users\\vincent.OFFICE\\AppData\\Roaming\\.dpm\\package_cache"
author: Vincent Parrett
signing:
validationMode: permissive
authorDowngradePolicy: prompt
allowKeyCompromiseOverride: false
trustedPublishers:
- name: VSoft Technologies
spki: 895eb1c77dc114802e80c6ff22b5140483bd09379482f4babfee752865207e16
trustedRepositories:
- url: https://delphi.dev
spki: 7a3f9b2c5d6e8f1a4b7c9d2e5f8a1b4c7d9e2f5a8b1c4d7e9f2a5b8c1d4e7f9a
packageSources:
- name: dpminternal
source: "i:\\dpm-internal"
type: Folder
enabled: true
- name: DPM
source: 'https://delphi.dev/api/v2/index.json'
type: DPMServer
enabled: true| Property | Value |
|---|---|
| packageCacheLocation | The location of the default global packages folder. The default is %APPDATA%\.dpm\package_cache |
| author | The default author used by the spec scaffolder - optional |
| signing | Package signing configuration |
| packagesSources | An array of packageSource objects |
signing
See Package Signing for an overview of how signing and verification work.
| Property | Value |
|---|---|
| validationMode | How strictly signatures are verified: permissive (default), require, repository-required, author-and-repository. |
| authorDowngradePolicy | What to do when a previously-signed package id appears unsigned: prompt (default), deny, or allow. |
| allowKeyCompromiseOverride | Whether the user may override a known-compromised key warning. Defaults to false. |
| trustedPublishers | List of trusted publishers, each with a name and the SPKI fingerprint (spki) of their signing certificate. |
| trustedRepositories | List of trusted repositories, each with a url and the SPKI fingerprint (spki) of the repository signing key. |
packageSource
| Property | Value |
|---|---|
| name | The name of the source |
| source | The uri of the packageSource |
| enabled | Whether the source is enabled or not (boolean) |
| apiKey | The push apiKey for a httpspackageSource |