This is an automated email from the ASF dual-hosted git repository.
sebb pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/whimsy.git
The following commit(s) were added to refs/heads/master by this push:
new 126b2630 Ignore cached gpg keys; always fetch
126b2630 is described below
commit 126b26309a79682ff4622112e8eee342b6c281ae
Author: Sebb <[email protected]>
AuthorDate: Sun Aug 25 17:56:14 2024 +0100
Ignore cached gpg keys; always fetch
---
.../workbench/views/actions/check-signature.json.rb | 15 +++++++++------
1 file changed, 9 insertions(+), 6 deletions(-)
diff --git a/www/secretary/workbench/views/actions/check-signature.json.rb
b/www/secretary/workbench/views/actions/check-signature.json.rb
index 935b751b..1fc7e1f5 100644
--- a/www/secretary/workbench/views/actions/check-signature.json.rb
+++ b/www/secretary/workbench/views/actions/check-signature.json.rb
@@ -83,14 +83,17 @@ def validate_sig(attachment, signature, msgid)
# run gpg verify command
# TODO: may need to drop the keyid-format parameter when gpg is updated as
it might
# reduce the keyid length from the full fingerprint
- out, err, rc = Open3.capture3 gpg,
- '--keyid-format', 'long', # Show a longer id
- '--verify', signature.path, attachment.path
+
+ # Temp test - could be made permanent:
+ # Ignore existing cached keys, so we always fetch the current key
+ # out, err, rc = Open3.capture3 gpg,
+ # '--keyid-format', 'long', # Show a longer id
+ # '--verify', signature.path, attachment.path
# if key is not found, fetch and try again
- if
- err.include? "gpg: Can't check signature: No public key" or
- err.include? "gpg: Can't check signature: public key not found"
+ if true # IGNORE existing entries
+ # err.include? "gpg: Can't check signature: No public key" or
+ # err.include? "gpg: Can't check signature: public key not found"
then
# extract and fetch key
keyid = err[/[RD]SA key (ID )?(\w+)/,2]
