build(pkgbuild): reword hint for provenance skip escape hatch

claude · claude · commit ae96a3b2d2e0 · 2026-04-08T07:35:30.000Z
"For offline builds" was too narrow and framed the opt-out as a
convenience knob. Rephrase to make the rule explicit: use
PDU_SKIP_PROVENANCE_VERIFY only when a failure is unrelated to
artifact trust, so users don't treat it as a way to silence real
tampering signals.
diff --git a/template/parallel-disk-usage-bin/PKGBUILD b/template/parallel-disk-usage-bin/PKGBUILD
@@ -40,7 +40,7 @@ prepare() {
   for _file in "pdu-$_checksum" "completion.$pkgver.bash" "completion.$pkgver.fish" "completion.$pkgver.zsh"; do
     if ! gh attestation verify --repo "$_repo" "$_file"; then
       error 'Build provenance verification failed.'
-      plain 'hint: set PDU_SKIP_PROVENANCE_VERIFY=1 to skip verification (e.g., for offline builds).'
+      plain 'hint: set PDU_SKIP_PROVENANCE_VERIFY=1 to skip verification for failures unrelated to artifact trust (e.g. transient network errors).'
       return 1
     fi
   done
