This is an automated email from the git hooks/post-receive script. guillem pushed a commit to branch main in repository dpkg.
View the commit online: https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=b83114daa69c50d368199d00fbb67e190068b273 commit b83114daa69c50d368199d00fbb67e190068b273 Author: Guillem Jover <[email protected]> AuthorDate: Thu Dec 15 23:45:06 2022 +0100 Dpkg::Backend::GnuPG: Ensure future signing interop with gpg --openpgp GnuPG upstream has decided to get out of the standardizing process for OpenPGP, and instead is trying to push its own proprietary fork based on an old draft that did not have consensus within the IETF working group. This is going to be a source of interoperability problems, but we can mitigate them somewhat when creating signatures by requiring compliance with the OpenPGP RFC, even if it's going to be locked into an old version, as later ones are not planned to get implemented. More so, given that the latest releases of GnuPG have been switched to default to the proprietary draft. --- scripts/Dpkg/OpenPGP/Backend/GnuPG.pm | 1 + 1 file changed, 1 insertion(+) diff --git a/scripts/Dpkg/OpenPGP/Backend/GnuPG.pm b/scripts/Dpkg/OpenPGP/Backend/GnuPG.pm index 5a235b2e0..09cd54d0d 100644 --- a/scripts/Dpkg/OpenPGP/Backend/GnuPG.pm +++ b/scripts/Dpkg/OpenPGP/Backend/GnuPG.pm @@ -257,6 +257,7 @@ sub inline_sign { my @exec = ($self->{cmd}); push @exec, _gpg_options_weak_digests(); push @exec, qw(--utf8-strings --textmode --armor); + push @exec, '--openpgp'; if ($key->type eq 'keyfile') { # Promote the keyfile keyhandle to a keystore, this way we share the # same gpg-agent and can get any password cached. -- Dpkg.Org's dpkg
