On 10/11/2025 13:15, Christopher Schultz wrote:
Rainer,
On 11/9/25 12:35 PM, Rainer Jung wrote:
Hi there,
we now use gpg for two features:
a) signing release artefacts in the release target
b) checking signatures in the verify-release target
Now
a) gets run, whenever gpg.exec points to an existing file. If so, it
prompts interactively for a password to a siging key and uses that for
the signing. Since I want to run the release target but not to do the
signing, I used to set gpg.exec to a non-existing file.
Oh, right. This is why I set gpg.exec in build.properties.release: so
that signing would be enabled for a release-build by someone who was
verifying the release instead of preparing the release.
I'm not sure I follow.
The person verifying the release needs gpg.exec set to their local path
to gpg, not to whatever path the release manager used. Don't they?
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
