[pacman-dev] [PATCH 0/2] Add support for verifying pgp signatures to makepkg
Wieland Hoffmann
themineo at googlemail.com
Thu Jun 23 03:36:55 EDT 2011
Hi,
this adds support for verifying pgp signatures provided by upstream to
makepkg. A new array pgpsigs is defined holding the URLs to all the
signature files.
However, there're still a few quirks:
* You have to manually import the key which signed the source. Actually
that's good, but:
* You don't know why the verification failed. It's either a wrong
signature or the key is simply not known to gnupg. This is really
bad, so I've chosen to make pgp verification optional for now. makepkg
--pgp enables it.
Wieland Hoffmann (2):
Add support for verifying pgp signatures to makepkg
And update the manpages accordingly
doc/PKGBUILD.5.txt | 5 ++++
doc/makepkg.8.txt | 3 ++
scripts/makepkg.sh.in | 52 +++++++++++++++++++++++++++++++++++++++++++++++-
3 files changed, 58 insertions(+), 2 deletions(-)
--
1.7.5.4
More information about the pacman-dev
mailing list