[Github-comments] [geany/geany-plugins] PGP key (#1119)
Alexander F. Rødseth
notifications at xxxxx
Mon Oct 11 09:24:28 UTC 2021
Hi,
I'm in the process of upgrading the `geany-plugins` package for Arch Linux.
However, `makepkg` complains about the 01380DF54FD09D02 key that is mentioned on the [download page](https://plugins.geany.org/downloads.html):
```
==> Making package: geany-plugins 1.38-1 (Mon Oct 11 11:21:33 2021)
==> Checking runtime dependencies...
==> Checking buildtime dependencies...
==> Retrieving sources...
-> Found geany-plugins-1.38.tar.bz2
-> Found geany-plugins-1.38.tar.bz2.sig
==> Validating source files with b2sums...
geany-plugins-1.38.tar.bz2 ... Passed
geany-plugins-1.38.tar.bz2.sig ... Skipped
==> Verifying source file signatures with gpg...
geany-plugins-1.38.tar.bz2 ... FAILED (unknown public key 01380DF54FD09D02)
```
I also get `gpg: key 01380DF54FD09D02: no user ID` when importing it with `gpg`:
```
% gpg --keyserver hkps://keys.openpgp.org --search-keys 01380DF54FD09D02
gpg: data source: https://keys.openpgp.org:443
(1) 256 bit EDDSA key 01380DF54FD09D02, created: 2021-10-09
Keys 1-1 of 1 for "01380DF54FD09D02". Enter number(s), N)ext, or Q)uit > 1
gpg: key 01380DF54FD09D02: no user ID
gpg: Total number processed: 1
```
Is everything in order with the current PGP/GPG key?
I would prefer not to skip the key validation. For many packages, a signature and key are not available, and I appreciate that it is available for `geany-plugins`.
Cheers!
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/geany/geany-plugins/issues/1119
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.geany.org/pipermail/github-comments/attachments/20211011/c86e1762/attachment.htm>
More information about the Github-comments
mailing list