[arch-general] Harassment by David Runge

Tharre tharre3 at gmail.com
Sun May 12 00:37:57 UTC 2019

On 05/12, Marc Lehmann wrote:
> Actually, from the reference you provide, this seems to be exactly _not_
> the case. I'm certainly no expert in arch packaging, but it looks as if
> the arch package needs to explicitly add any gnupg signature files to the
> source array, otherwise they wouldn't be checked.
> I can't find anything in the documentation that would indicate that
> the existance of a .sig file on the server would trigger a mandatory,
> unavoidable check.

Correct, I was only talking about .sig files that the build system can
actually see, i.e. are part of the source array. makepkg doesn't
download files you don't tell it to, that would be quite insane indeed.

Sorry for the confusion.



PGP fingerprint: 42CE 7698 D6A0 6129 AA16  EF5C 5431 BDE2 C8F0 B2F4
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <https://lists.archlinux.org/pipermail/arch-general/attachments/20190512/300ccd4b/attachment.sig>

More information about the arch-general mailing list