commit: ea651959e3713ed09ebdec3c7ef274ca0e8350a3
Author: Robin H. Johnson <robbat2 <AT> gentoo <DOT> org>
AuthorDate: Mon May 20 18:47:16 2024 +0000
Commit: Robin H. Johnson <robbat2 <AT> gentoo <DOT> org>
CommitDate: Mon May 20 18:47:16 2024 +0000
URL: https://gitweb.gentoo.org/proj/qa-scripts.git/commit/?id=ea651959
keyrings.inc.bash: avoid the SHA1 warning
Signed-off-by: Robin H. Johnson <robbat2 <AT> gentoo.org>
keyrings.inc.bash | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/keyrings.inc.bash b/keyrings.inc.bash
index 7c63e0d..6fe0dca 100644
--- a/keyrings.inc.bash
+++ b/keyrings.inc.bash
@@ -103,7 +103,8 @@ export_keys() {
# 'gpg --export' returns zero if there was no error with the command
itself
# If there are no keys in the export set, then it ALSO does not write
the destination file
# and prints 'gpg: WARNING: nothing exported' to stderr
- if ! gpg "${GPG_EXPORT_OPTS[@]}" --output "$TMP" --export "${@}"; then
+ # --quiet is needed to avoid "Note: third-party key signatures using
the SHA1 algorithm are rejected" "(use option "--allow-weak-key-signatures" to
override)"
+ if ! gpg --quiet "${GPG_EXPORT_OPTS[@]}" --output "$TMP" --export
"${@}"; then
echo "Unable to export keys to $DST: GPG returned non-zero"
exit 1
fi
