[pacman-dev] [PATCH 0/2] Add support for verifying pgp signatures to makepkg

Wieland Hoffmann themineo at googlemail.com
Thu Jun 23 03:36:55 EDT 2011


Hi,

this adds support for verifying pgp signatures provided by upstream to
makepkg. A new array pgpsigs is defined holding the URLs to all the
signature files.

However, there're still a few quirks:

* You have to manually import the key which signed the source. Actually
  that's good, but:

* You don't know why the verification failed. It's either a wrong
  signature or the key is simply not known to gnupg. This is really
  bad, so I've chosen to make pgp verification optional for now. makepkg
  --pgp enables it.

Wieland Hoffmann (2):
  Add support for verifying pgp signatures to makepkg
  And update the manpages accordingly

 doc/PKGBUILD.5.txt    |    5 ++++
 doc/makepkg.8.txt     |    3 ++
 scripts/makepkg.sh.in |   52 +++++++++++++++++++++++++++++++++++++++++++++++-
 3 files changed, 58 insertions(+), 2 deletions(-)

-- 
1.7.5.4



More information about the pacman-dev mailing list