[pacman-dev] [PATCH 1/2] Add support for verifying pgp signatures to makepkg

Dan McGee dpmcgee at gmail.com
Fri Jun 24 14:49:32 EDT 2011


On Fri, Jun 24, 2011 at 4:57 AM, Wieland Hoffmann
<themineo at googlemail.com> wrote:
> Hallo, Dan McGee:
>> On Thu, Jun 23, 2011 at 2:36 AM, Wieland Hoffmann
>> <themineo at googlemail.com> wrote:
>>
>> First, thanks for giving this a try.
>>
>> Commit descriptions are nice to have in permanent history, but all
>> that stuff you wrote in the cover letter won't show up. Can you
>> instead include some of that right here in the patch in commit
>> message-style writing?
>>
>> > ---
>> >  scripts/makepkg.sh.in |   52 +++++++++++++++++++++++++++++++++++++++++++++++-
>> >  1 files changed, 50 insertions(+), 2 deletions(-)
>> >
>> > diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in
>> > index 78cd4cf..cc4f152 100644
>> > --- a/scripts/makepkg.sh.in
>> > +++ b/scripts/makepkg.sh.in
>> > +check_pgpsigs() {
>> > +       (( ! ${#source[@]} )) && return 0
>> > +       (( ! ${#pgpsigs[@]})) && return 0
>> > +
>> > +       if ! type -p gpg >/dev/null; then
>> > +               error "$(gettext "Cannot find the gpg binary! Is gnupg installed?")"
>> > +               exit 1 # $E_MISSING_PROGRAM
>> > +       fi
>> Please see the check_software patch
>> (http://projects.archlinux.org/pacman.git/commit/?id=7468956236), this
>> will need to be updated to work that way instead of how we used to do
>> it.
>
> Is it better to add a separate check or should I extend the existing one
> and its error message?

Probably just add a new block- checking it twice isn't that big of
deal, and that way the error message can say "required for verifying
source files" or whatever.

-Dan


More information about the pacman-dev mailing list