Bug #212: [dbscripts] make a check-signature script - dbscripts - Parabola Issue Tracker

Bug #212

[dbscripts] make a check-signature script

fauno - over 11 years ago - . Updated over 7 years ago.

Status:

open

Priority:

wish

Assignee:

% Done:

Description

this can be done with `gpg --verify public/$repo/os/$arch/$pkgname-$pkgver-$pkgrel.pkg.tar.?z.sig` but you know :P

History

Updated by mtjm over 11 years ago

Do we need another script for this? Having developers to learn gpg --verify seems more useful. I don't remember any cases of invalid signatures (all such errors resulted from caching a different package).

Updated by fauno over 11 years ago

I use it to check who packaged something when db-update complains about already released packages ("on another repo").

Updated by mtjm over 11 years ago

I use tar xOf public/....tar.xz .PKGINFO, it works even in the case of bad or missing signatures.

Updated by lukeshu over 7 years ago

Project changed from libretools to dbscripts

Also available in: Atom PDF

Parabola GNU/Linux-libre

Project

General

Profile

Tools » dbscripts

Issues

Custom queries

Bug #212

[dbscripts] make a check-signature script

History

Updated by mtjm over 11 years ago

Updated by fauno over 11 years ago

Updated by mtjm over 11 years ago

Updated by lukeshu over 7 years ago