| 1 |
On Wed, 2023-03-08 at 22:54 +0000, Sam James wrote: |
| 2 |
> On Wed, 8 Mar 2023 17:33:24 +0100 |
| 3 |
> Michał Górny <mgorny@g.o> wrote: |
| 4 |
> |
| 5 |
> > Use openpgp-verify-detached when app-portage/gemato-20.0 is installed. |
| 6 |
> > This lets us test the new code paths on ~arch with minimal risk |
| 7 |
> > of breakage on stable. |
| 8 |
> > |
| 9 |
> > Signed-off-by: Michał Górny <mgorny@g.o> |
| 10 |
> > --- |
| 11 |
> > eclass/verify-sig.eclass | 13 ++++++++++--- |
| 12 |
> > 1 file changed, 10 insertions(+), 3 deletions(-) |
| 13 |
> > |
| 14 |
> > This is roughly the same patch that I've sent before, except that now |
| 15 |
> > it features a has_version condition to restrict the changes to ~arch |
| 16 |
> > gemato version. |
| 17 |
> > |
| 18 |
> > diff --git a/eclass/verify-sig.eclass b/eclass/verify-sig.eclass |
| 19 |
> > index 91433bf53453..f67a3b10a0bf 100644 |
| 20 |
> > --- a/eclass/verify-sig.eclass |
| 21 |
> > +++ b/eclass/verify-sig.eclass |
| 22 |
> > @@ -144,9 +144,16 @@ verify-sig_verify_detached() { |
| 23 |
> > # gpg can't handle very long TMPDIR |
| 24 |
> > # https://bugs.gentoo.org/854492 |
| 25 |
> > local -x TMPDIR=/tmp |
| 26 |
> > - gemato gpg-wrap -K "${key}" |
| 27 |
> > "${extra_args[@]}" -- \ |
| 28 |
> > - gpg --verify "${sig}" "${file}" || |
| 29 |
> > - die "PGP signature verification |
| 30 |
> > failed" |
| 31 |
> > + if has_version -b ">=app-portage/gemato-20"; |
| 32 |
> |
| 33 |
> Do we want to log when taking this path temporarily? |
| 34 |
> |
| 35 |
|
| 36 |
I don't think it's necessary, the output is clearly distinguishable. |
| 37 |
|
| 38 |
-- |
| 39 |
Best regards, |
| 40 |
Michał Górny |
Archives