[arch-projects] [devtools] [PATCH] Always sign unsigned packages
Allan McRae
allan at archlinux.org
Wed Feb 15 05:15:42 EST 2012
On 15/02/12 20:11, Allan McRae wrote:
> We do not allow packages to be uploaded with signatures so force
^ no ...
> all unsigned packages to be signed. This has the bonus of not
> breaking makepkg signing support by requiring you use an internal
> makepkg variable.
>
> Signed-off-by: Allan McRae <allan at archlinux.org>
> ---
> commitpkg.in | 12 ++++--------
> 1 files changed, 4 insertions(+), 8 deletions(-)
>
> diff --git a/commitpkg.in b/commitpkg.in
> index 8139090..4ce0f7b 100644
> --- a/commitpkg.in
> +++ b/commitpkg.in
> @@ -143,21 +143,17 @@ for _arch in ${arch[@]}; do
> uploads+=("$pkgfile")
>
> sigfile="${pkgfile}.sig"
> - if [[ $SIGNPKG == 'y' && ! -f $sigfile ]]; then
> + if [[ ! -f $sigfile ]]; then
> msg "Signing package ${pkgfile}..."
> if [[ -n $GPGKEY ]]; then
> SIGNWITHKEY="-u ${GPGKEY}"
> fi
> gpg --detach-sign --use-agent ${SIGNWITHKEY} "${pkgfile}" || die
> fi
> - if [[ -f $sigfile ]]; then
> - if ! gpg --verify "$sigfile" >/dev/null 2>&1; then
> - die "Signature ${pkgfile}.sig is incorrect!"
> - fi
> - uploads+=("$sigfile")
> - else
> - die "Signature ${pkgfile}.sig was not found"
> + if ! gpg --verify "$sigfile" >/dev/null 2>&1; then
> + die "Signature ${pkgfile}.sig is incorrect!"
> fi
> + uploads+=("$sigfile")
> done
> done
>
More information about the arch-projects
mailing list