Denis 'GNUtoo' Carikli: > On Tue, 28 Aug 2018 18:53:00 +0000 > Joonas Kylmälä <joonas.kylm...@iki.fi> wrote: > >> Hi, >> >> I tried to draft patches for the RepWifi ticket over here: >> https://redmine.replicant.us/issues/1887. Please see them as >> attachments. > Thanks a lot for working on that. I've some comments below on the patch. > >> gpg --armor --verify >> $BASEDIR/prebuilt/common/apps/fil.libre.repwifiapp_9.apk.asc >> $BASEDIR/prebuilt/common/apps/fil.libre.repwifiapp_9.apk > This will need to be made automatic, else users will have a build > failure if they don't have the public key used to sign the apk in their > keyring. If making it automatic is too much time consuming, we could > also add some instructions to fetch that key as part of the wiki pages > on how to build Replicant.
It's already in the build instructions at https://redmine.replicant.us/projects/replicant/wiki/ReplicantSourceCode. I don't like that we would add automatically anything to users GPG keyring. But we could maybe include our own keyring to the source code and do something like here in the answer: https://stackoverflow.com/questions/19011093/how-do-i-verify-a-gpg-signature-matches-a-public-key-file At the time I prepared this patch I didn't know about the freedom issues with F-Droid, and those issues seem to block this patch right now and we should focus on fixing the freedom issues. Joonas
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Replicant mailing list Replicant@osuosl.org https://lists.osuosl.org/mailman/listinfo/replicant
