Hi, this adds support for verifying pgp signatures provided by upstream to makepkg. A new array pgpsigs is defined holding the URLs to all the signature files. However, there're still a few quirks: * You have to manually import the key which signed the source. Actually that's good, but: * You don't know why the verification failed. It's either a wrong signature or the key is simply not known to gnupg. This is really bad, so I've chosen to make pgp verification optional for now. makepkg --pgp enables it. Wieland Hoffmann (2): Add support for verifying pgp signatures to makepkg And update the manpages accordingly doc/PKGBUILD.5.txt | 5 ++++ doc/makepkg.8.txt | 3 ++ scripts/makepkg.sh.in | 52 +++++++++++++++++++++++++++++++++++++++++++++++- 3 files changed, 58 insertions(+), 2 deletions(-) -- 1.7.5.4