This is an automated email from the git hooks/post-receive script. jamessan pushed a commit to branch master in repository devscripts.
commit 120b9f2efe59c7e20da143a989aa3f3a316274fd Author: James McCoy <[email protected]> Date: Mon Jan 20 22:39:08 2014 -0500 uscan: Move keyring location for signature verification under debian/upstream/ Signed-off-by: James McCoy <[email protected]> --- debian/NEWS | 8 ++++++++ debian/changelog | 3 ++- scripts/uscan.1 | 2 +- scripts/uscan.pl | 9 ++++++--- 4 files changed, 17 insertions(+), 5 deletions(-) diff --git a/debian/NEWS b/debian/NEWS index d70c594..7191484 100644 --- a/debian/NEWS +++ b/debian/NEWS @@ -1,3 +1,11 @@ +devscripts (2.14.0) unstable; urgency=low + + uscan now looks for upstream's keyring as debian/upstream/signing-key.pgp. + The previously used location, debian/upstream-signing-key.pgp, will be + checked as a last resort for a transition period. + + -- James McCoy <[email protected]> Mon, 20 Jan 2014 22:21:16 -0500 + devscripts (2.11.9) unstable; urgency=low The default for mk-build-deps --tool option/MKBUILDDEPS_TOOL configuration diff --git a/debian/changelog b/debian/changelog index 4746081..5ee98a7 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,4 +1,4 @@ -devscripts (2.14.1) UNRELEASED; urgency=low +devscripts (2.14.0) UNRELEASED; urgency=low [ Jakub Wilk ] * Add sadt, a simple implementation of DEP-8 test runner (closes: #712095). @@ -19,6 +19,7 @@ devscripts (2.14.1) UNRELEASED; urgency=low (Closes: #728182) + Support escaped characters in the Files-Excluded patterns. Thanks to Csillag Tamas and Russ Albery for the patch. (Closes: #733111) + + Move keyring location for signature verification under debian/upstream/. -- Jakub Wilk <[email protected]> Fri, 27 Dec 2013 18:39:11 +0100 diff --git a/scripts/uscan.1 b/scripts/uscan.1 index d0ce0f9..dac5928 100644 --- a/scripts/uscan.1 +++ b/scripts/uscan.1 @@ -292,7 +292,7 @@ If present, the supplied rules will be applied to the downloaded URL that will be used to fetch the detached OpenPGP signature file for the upstream tarball. Some common rules might be `\fBs/$/.asc/\fR' or `\fBs/$/.pgp/\fR' or `\fBs/$/.gpg/\fR'. This signature must be made -by a key found in the keyring \fBdebian/upstream-signing-key.pgp\fR. +by a key found in the keyring \fBdebian/upstream/signing-key.pgp\fR. If it is not valid, or not made by one of the listed keys, uscan will report an error. .SH "Directory name checking" diff --git a/scripts/uscan.pl b/scripts/uscan.pl index 787f69e..70a735d 100755 --- a/scripts/uscan.pl +++ b/scripts/uscan.pl @@ -30,6 +30,7 @@ use Dpkg::IPC; use File::Basename; use File::Copy; use File::Temp qw/tempfile tempdir/; +use List::Util qw/first/; use filetest 'access'; use Getopt::Long qw(:config gnu_getopt); use lib '/usr/share/devscripts'; @@ -702,6 +703,7 @@ sub process_watchline ($$$$$$) my $style='new'; my $urlbase; my $headers = HTTP::Headers->new; + my $keyring; # Comma-separated list of features that sites being queried might # want to be aware of @@ -813,8 +815,9 @@ sub process_watchline ($$$$$$) # Check validity of options if (exists $options{'pgpsigurlmangle'}) { - if (not (-r 'debian/upstream-signing-key.pgp')) { - uscan_warn "$progname warning: pgpsigurlmangle option exists, but debian/upstream-signing-key.pgp does not exist\n in $watchfile, skipping:\n $line\n"; + $keyring = first { -r $_ } qw(debian/upstream/signing-key.pgp debian/upstream-signing-key.pgp); + if (!defined $keyring) { + uscan_warn "$progname warning: pgpsigurlmangle option exists, but the upstream keyring does not exist\n in $watchfile, skipping:\n $line\n"; return 1; } elsif (! $havegpgv) { uscan_warn "$progname warning: pgpsigurlmangle option exists, but you must have gpgv installed to verify\n in $watchfile, skipping:\n $line\n"; @@ -1407,7 +1410,7 @@ EOF print "-- Verifying OpenPGP signature $newfile_base.pgp for $newfile_base\n" if $verbose; system('/usr/bin/gpgv', '--homedir', '/dev/null', - '--keyring', 'debian/upstream-signing-key.pgp', + '--keyring', $keyring, "$destdir/$newfile_base.pgp", "$destdir/$newfile_base") >> 8 == 0 or uscan_die("$progname warning: OpenPGP signature did not verify.\n"); } -- Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/collab-maint/devscripts.git _______________________________________________ devscripts-devel mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/devscripts-devel
