There are valid reasons for a source files PGP signature to be changed (expired key, expired signature, additional person signing...). Thus providing a checksum for signature files can potentially cause a PKGBUILD to require unnecessary updating. Avoid this issue by using "SKIP" for the signature checksum. Fixes FS#31590. Signed-off-by: Allan McRae <allan@archlinux.org> --- scripts/makepkg.sh.in | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in index fce7558..5e8ada3 100644 --- a/scripts/makepkg.sh.in +++ b/scripts/makepkg.sh.in @@ -1049,10 +1049,14 @@ generate_checksums() { sum="SKIP" ;; *) - local file - file="$(get_filepath "$netfile")" || missing_source_file "$netfile" - sum="$(openssl dgst -${integ} "$file")" - sum=${sum##* } + if [[ ! $netfile = *.@(sig?(n)|asc) ]]; then + local file + file="$(get_filepath "$netfile")" || missing_source_file "$netfile" + sum="$(openssl dgst -${integ} "$file")" + sum=${sum##* } + else + sum="SKIP" + fi ;; esac -- 1.7.12