[pacman-dev] gnupg package signing

Allan McRae allan at archlinux.org
Mon Nov 2 00:50:43 EST 2009

Dan McGee wrote:
> <snip>
> So some of the next steps:
> * Get consensus on whether the script side of the signing stuff is in
> a good enough state. This is basically the first 5 patches on my 'gpg'
> branch. Does anyone want to raise any objections, suggestions, or have
> comments?

I had a good look at the makepkg/repo-add patches today and I think it 
is "in a good enough state".  Despite having no idea what I am doing 
with gpg, I took them for a quick spin and they appear to do what is 

My only comment is minor.  In:

makepkg: allow signatures to work with split packages

this naming seems strange:

local pkg_file="$PKGDEST/${nameofpkg}-${pkgver}-${pkgrel}-${PKGARCH}${EXT}"
+ local 

zip_file is actually the package file and pkg_file is the uncompressed 
package file.  So how about changing these to tar_file and pkg_file 


More information about the pacman-dev mailing list