Konstantin Ryabitsev wrote:
>gpg --verify (and gpgv) will return 0 even if the key is revoked or
>expired, so you can't really rely on exit code alone. The following is
>the right approach:
>
>gpgv --homedir /tmp --keyring %{SOURCE2} --status-fd=1 %{SOURCE1}
>%{SOURCE0} | grep -q '^\[GNUPG:\] GOODSIG'Will that check start to fail when the key expires? Do we want packages to start failing to build just because a certain date has passed? Or does the check fail only if the key had already expired when the signature was made? -- Björn Persson Sent from my computer.
signature.asc
Description: PGP signature
-- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
