On Wed, 2016-03-30 at 12:14 +0000, Zbigniew Jędrzejewski-Szmek wrote: > I don't think you can discount this. Most maintainers don't check the > tarballs they download if they build fine, afaik. Checking the > signatures in %prep would force a significant change to how we build > srpms. Yeah, if this isn't automated SOMEHOW, I'm not going to do it, because I don't understand how to use GPG. I doubt I'm unusual in this regard.... -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx http://lists.fedoraproject.org/admin/lists/devel@xxxxxxxxxxxxxxxxxxxxxxx
