Hello, On Wed, Jul 30, 2025 at 12:16:38PM +0200, Uwe Kleine-König wrote: > On Mon, Jul 14, 2025 at 09:52:41AM +0200, Uwe Kleine-König wrote: > > The obvious fixes would be to either put linux-6.16~rc5.tar.xz into a > > tmpfile only (i.e. under a different name) until signature verification > > passed; or to not skip the verification in the 2nd run. > > My perl foo isn't enough to implement the first suggestion (which IMHO > is superior), untested patch for the second:
I confirm that this patch works for me. With that the second run fails in the same way as the first as it should be. I highlight again that while considerably better, this is still non-optimal as after the failed download the unchecked archive is still in place for a build to continue. IMHO the unchecked file must get a different name (e.g. linux-6.16~rc5.tar.xz-unchecked) until the signature was verified (or uscan was called with --skip-signature). Best regards Uwe
signature.asc
Description: PGP signature
