On Tue, 29 Aug 2017 06:05:06 +0100 Colin Watson <cjwat...@debian.org> wrote: > On Mon, Aug 28, 2017 at 02:36:20PM +0200, Yuri D'Elia wrote: > > The gnupg2 package in unstable has been renamed again and split into several > > components. > > > > The "gnupg" package is now the full suite, while "gpg" contains the binary > > itself. To avoid extra dependencies, it would be nice to update the > > dependency > > to "gnupg | gnupg2 | gpg". > > I'm not convinced that this is a good idea. gpg's package description > says: > > This package contains /usr/bin/gpg itself, and is useful on its own > only for public key operations (encryption, signature verification, > listing OpenPGP certificates, etc). If you want full capabilities > (including secret key operations, network access, etc), please > install the "gnupg" package, which pulls in the full suite of tools. > > pass requires secret key operations, not just public key operations.
I see that Yuri has filed another bug report in this regard (#873498). Somehow I think the maintainer of gnupg should be involved here before more such bugs are filed. So bringing Daniel into the loop here. I'd be interested to hear if changing the dependencies this way is what he recommends and if so, if he plans to do a proper MBF for that. Regards, Michael -- Why is it that all of the instruments seeking intelligent life in the universe are pointed away from Earth?
signature.asc
Description: OpenPGP digital signature
