On Aug 23, 2015 9:33 AM, "Osamu Aoki" <[email protected]> wrote: > > Hi, > > Its been almost 2 years. > > As I read the source of the current uscan of version 2.15.3, around L865: > > $keyring = first { -r $_ } > qw(debian/upstream/signing-key.pgp debian/upstream/signing-key.asc > debian/upstream-signing-key.pgp); > > So your requested feature is practically there.
Not really. This is looking for the keyring which is used to verify the signature. Ansgar wants uscan to be able to perform verification after the fact, using a cached signature stored in debian/upstream. That should really be a separate tool, which uscan could then use to do on the fly checking. I thought dkg may have also discussed having the signature stored somewhere, but maybe I'm misremembering. Cheers, James
_______________________________________________ devscripts-devel mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/devscripts-devel
