| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
| |
Bug: https://bugs.gentoo.org/835396
Signed-off-by: Ulrich Müller <ulm@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Michał Górny <mgorny@gentoo.org>
|
| |
|
|
|
|
|
|
|
| |
Split the logic for verifying checksums into a dedicated functions
that can also be used directly when dealing with a checksum file
that uses a detached signature.
Signed-off-by: Michał Górny <mgorny@gentoo.org>
Signed-off-by: Anthony G. Basile <blueness@gentoo.org>
|
| |
|
|
|
|
|
|
| |
It is useful for verifying distfiles that come from OpenBSD folks, since
signify produces signatures incompatible with GnuPG.
Signed-off-by: Anna Vyalkova <cyber+gentoo@sysrq.in>
Signed-off-by: Michał Górny <mgorny@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Michał Górny <mgorny@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Michał Górny <mgorny@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Michał Górny <mgorny@gentoo.org>
|
| |
|
|
|
|
|
|
| |
Add a function to verify files containing PGP signed messages (i.e. not
using detached signatures). This will be used for projects that publish
signed checksum lists.
Signed-off-by: Michał Górny <mgorny@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Michał Górny <mgorny@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Michał Górny <mgorny@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Joonas Niilola <juippis@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Michał Górny <mgorny@gentoo.org>
|
|
|
verify-sig eclass provides a streamlined approach to verifying upstream
signatures on distfiles. Its primary purpose is to permit developers
to easily verify signatures while bumping packages. The eclass removes
the risk of developer forgetting to perform the verification,
or performing it incorrectly, e.g. due to additional keys in the local
keyring. It also permits users to verify the developer's work.
Signed-off-by: Michał Górny <mgorny@gentoo.org>
|
Ulrich Müller
Michał Górny
Anna Vyalkova
Joonas Niilola
GitWeb