On Wed, 05 Jun 2024 03:26:09 +0300, Gregory Casamento wrote: > Let us do another release of GUI to address the recent issue with > nib loading.
Thanks for making a new release; this kind of regression is certainly important enough to warrant it. I don't know what went wrong but it looks like the signature at ftp.gnustep.org is bad: $ gpg --verify --verbose gnustep-gui-0.31.1.tar.gz.sig gpg: enabled compatibility flags: gpg: assuming signed data in 'gnustep-gui-0.31.1.tar.gz' gpg: Signature made 6.06.2024 (чт) 12:39:51 EEST gpg: using DSA key 83AAE47CE829A4146EF83420CA868D4C99149679 gpg: issuer "[email protected]" gpg: using pgp trust model gpg: BAD signature from "GNUstep Maintainer <[email protected]>" [unknown] gpg: binary signature, digest algorithm SHA1, key algorithm dsa1024 For Debian it doesn't matter much because even a good signature is rejected by current dpkg: dpkg-source: info: verifying ./gnustep-base_1.30.0.orig.tar.gz.asc gpgv: Signature made Wed May 29 19:34:34 2024 UTC gpgv: using DSA key 83AAE47CE829A4146EF83420CA868D4C99149679 gpgv: issuer "[email protected]" gpgv: Note: signatures using the SHA1 algorithm are rejected gpgv: Can't check signature: Bad public key dpkg-source: warning: cannot verify upstream tarball signature for ./gnustep-base_1.30.0.orig.tar.gz: no acceptable signature found I'm pretty sure I told Ivan about this some time ago. (It's not a problem that impedes our work but would be nice to fix in the near future.)
