Hi. I'm going through the "make fixdeps" step of an upgrade to 3.8.1, and I'm running into problems installing/upgrading two perl modules.
Here's what "make testdeps" reports: SOME DEPENDENCIES WERE MISSING. GPG missing dependencies: GnuPG::Interface...MISSING CORE missing dependencies: Module::Versions::Report >= 1.05...MISSING Module::Versions::Report version 1.05 required--this is only version 1.02 make: *** [testdeps] Error 1 I can't manage to install/upgrade those perl modules, because their GPG signatures are not properly verifying. Here's what cpansign -v reports for Module-Versions-Report-1.05: Executing gpg --verify --batch --no-tty --keyserver=hkp://pgp.mit.edu:11371 --keyserver-options=auto-key-retrieve SIGNATURE gpg: Signature made Fri Jun 13 15:30:32 2008 EDT using DSA key ID 108E4046 gpg: Good signature from "Jesse Vincent <[EMAIL PROTECTED]>" gpg: aka "Jesse Vincent <[EMAIL PROTECTED]>" gpg: aka "Jesse Vincent <[EMAIL PROTECTED]>" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: AB4A 62CF 1A1A 119A 0462 39D6 122F 5DF7 108E 4046 --- SIGNATURE 2008-06-13 15:30:34.000000000 -0400 +++ - 2008-10-16 22:19:33.048637000 -0400 @@ -17,7 +17,7 @@ SHA1 bab979585b69021cd5060cc9d961382dee57c852 ChangeLog SHA1 5100a6effb9d891380cdef4568fd1b76256374a1 MANIFEST SHA1 b06a8885d1afbe56e1601b4950784b2dfc0a5208 MANIFEST.SKIP -SHA1 f989d5dce8c4cabe64fb945934be60116750ef8e META.yml +SHA1 96306e2dbb0a716c928f66f0b9eb3492caad0416 META.yml SHA1 13483ba20165e50ad24143c1a8a017f83bffe094 Makefile.PL SHA1 c1ef7c52be72b6f5c504fdc57bf5b8e438f80193 README SHA1 6d28fb26b7ebffb34df6363e8671cd1dc74ae917 lib/Module/Versions/Report.pm ==> MISMATCHED content between SIGNATURE and distribution files! <== and here's what I get for cpansign -v for GnuPG-Interface-0.36: Executing gpg --verify --batch --no-tty --keyserver=hkp://pgp.mit.edu:11371 --keyserver-options=auto-key-retrieve SIGNATURE gpg: Signature made Mon Aug 13 12:25:15 2007 EDT using DSA key ID 108E4046 gpg: Good signature from "Jesse Vincent <[EMAIL PROTECTED]>" gpg: aka "Jesse Vincent <[EMAIL PROTECTED]>" gpg: aka "Jesse Vincent <[EMAIL PROTECTED]>" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: AB4A 62CF 1A1A 119A 0462 39D6 122F 5DF7 108E 4046 --- SIGNATURE 2007-08-13 12:25:15.000000000 -0400 +++ - 2008-10-16 22:21:03.929275000 -0400 @@ -16,7 +16,8 @@ SHA1 187c2cfc1fc31d42c18d5b1653afa1a905bf266c COPYING SHA1 5df20960703ba8651c67f36ed4ed601e0d0d4406 ChangeLog -SHA1 ae07f475fb7a1668d2ffcfe090f99961ddb77d41 MANIFEST +SHA1 9da791ec2e2601cd2ec44553c319820ef4de6c0d MANIFEST +SHA1 ed72de33d3749888766ced62d18d95df9ad7e74d META.yml SHA1 7beeb96d32ce9fd224db1fe25052960fe640c464 Makefile.PL SHA1 d6e32c5128419cdbfe6e6f846ff7f64fc0adac2f NEWS SHA1 1047dc54823b1321e939274dd261d8e40febee24 README ==> MISMATCHED content between SIGNATURE and distribution files! <== Both modules were downloaded from CPAN today, October 16. Jesse, I know you're a frequent poster to this list, so I'm hoping you can give me some clues here. Thank you all for your time. -- Todd Herr _______________________________________________ http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users Community help: http://wiki.bestpractical.com Commercial support: [EMAIL PROTECTED] Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a copy at http://rtbook.bestpractical.com