On Tue, 2016-03-22 at 18:29 +0100, Till Maas wrote: > I already meant to file this feature request after discussing this with > Werner Koch, so here it is and hopefully it will really be implemented: > https://bugs.gnupg.org/gnupg/issue2290 Excellent; thank you. And in the meantime it's possible just to gpg2 --dearmor $KEY.asc gpgv2 --keyring $KEY.asc.gpg %{SOURCE1} ${SOURCE0} > > The original draft does raise an interesting question — do we need to > > put the upstream PGP key directly into the package git tree instead of > > the lookaside cache? > IMHO this makes it easier to manage, since one can just use fedpkg > new-sources for the new tarball and signature without making sure that > the key stays in the sources file. And less chance of the key being changed. -- dwmw2
<<attachment: smime.p7s>>
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx http://lists.fedoraproject.org/admin/lists/devel@xxxxxxxxxxxxxxxxxxxxxxx
