Todd, I only became aware of this fork yesterday, and have packaged it and put it on bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2173236 Hopefully, someone who can will review and approve it. Someone did review it, but is not eligible to approve. Thanks! On Sunday, February 26, 2023 at 10:44:38 AM CST, Todd Zullinger <tmz@xxxxxxxxx> wrote: Hi, Globe Trotter via devel wrote: > I have been trying to package slim again. The package does not come with a signature or a gpg key. > > From https://docs.fedoraproject.org/en-US/packaging-guidelines/#_source_file_verification I don't see an option of what to do if there is no signature provided. > > Any suggestions or pointers to where I can get guidance on this? Per the guidelines: Where the upstream project publishes OpenPGP signatures of their releases, Fedora packages SHOULD verify that signature as part of the RPM build process. If upstream doesn't provide a signature for their releases, then there isn't anything to verify. The guideline is also a SHOULD not a MUST, so it's not a blocker to lack signature verification (though I'd argue it should be a very strong SHOULD, if not a MUST. ;) It might be worth asking the upstream maintainer if they would consider signing the release tarballs. I have to guess that you're looking to use slim-fork, rather than the original slim? The latter hasn't seen any changes since 2013¹, while the former has been updated recently to 1.4.0² (as far as I can tell with some quick searching). ¹ https://github.com/iwamatsu/slim/tags ² https://sourceforge.net/projects/slim-fork/files/ -- Todd _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue