Code review comment for ubuntu-archive-tools:optimize-phased-updater

poked around with the API and confirmed that binary payloads for signing do not show up in the output of getPublishedBinaries(); so as long as the assumption holds that p-u-p is the same for all binaries from a source, this implementation should be safe, and a lot faster.