Dear all The X2Go project is proud to announce a new release of the X2Go component ,,x2go-keyring''.
New gains of this version of ,,x2go-keyring'' are:
o new internal format, bastardization of debian-keyring and
debian-archive-keyring
o added key for Mihai Moldovan
o added new, stronger packages signing key (RSA4096) to be used in the future
o correct usage of new apt.trusted.d directory with individual keyfiles
o lots of metadata updates
X2Go Component: x2go-keyring
Version: 2019.08.20
Status: RELEASE
Timestamp: 1566318311
Date: Tue, 20 Aug 2019 18:25:11 +0200
Changes:
x2go-keyring (2019.08.20) RELEASED; urgency=medium
.
[ Mike Gabriel ]
* Rename LICENSE file to COPYING.
.
[ Mihai Moldovan ]
* Change string "X2go" to "X2Go" where appropriate.
* Makefile: remove unnecessary newline.
* debian/rules: add myself to Copyright header.
* t/keyids-complete.t: use spaces instead of tabs.
* t/keyids-complete.t: more quotes and curly braces!
* t/keyids-complete.t: even more quotes!
* t/keyids-complete.t: use the last directory in the stack instead of the
top-level directory.
* runtests: use more quotes and curly braces.
* runtests: use spaces instead of tabs.
* t/keyids-complete.t: use bash.
* t/keyids-complete.t: make return-code an integer.
* t/keyids-complete.t: use pushd/popd instead of cd.
* t/keyids-complete.t: update comment.
* t/keyids-complete.t: use find ... -print0 | while read -r -d '' ...
instead of for loop.
* t/keyids-complete.t: more quotes.
* runtests: use trap and explicit exit statement while switching to using
the mktemp command.
* runtests: switch to bash.
* runtests: rework counters and exit status.
* runtests: rework quoting and shellcheck warnings.
* Makefile: replace with jetring-based top-level Makefile from
debian-archive-keyring package. Changes: Renamed files. Added test target.
"team-members" renamed to x2go-maintainers. Added
x2go-maintainers-removed-keys. Both files get installed as well.
* runtests: adapt to new layout.
* t/keyids-complete.t: adapt to new layout.
* t/no-expired.t: switch to bash.
* t/no-expired.t: improve quoting.
* t/no-expired.t: make exit code variable an integer.
* t/no-expired.t: adapt to new layout.
* scripts/:
- Remove create-prerm-script.
* Rename x2go-keyring-gpg to active-keys.
* Rename x2go-maintainers-gpg to x2go-maintainers.
* removed-keys/:
- Add empty index file.
* x2go-maintainers-removed-keys/:
- Add empty index file.
* Add README.maintainer file, copied from debian-archive-keyring and
adapted.
* x2go-maintainers/: convert to new mechanism, add own key, drop key for
Oleksandr Shneyder (invalid format).
- x2go-maintainers/: re-add key for Oleksandr Shneyder.
* active-keys/: convert to new mechanism.
* active-keys/: sign index.
* removed-keys/: sign index.
* x2go-maintainers/: sign index.
* x2go-maintainers-removed-keys/: sign index.
* keyrings: add signatures.
* Makefile: accept empty indices.
* .gitignore: rework.
* runtests: fix tempdir -> tmpdir typo.
* t/keyids-complete.t: fix stupid while -r ... read typo.
* t/keyids-complete.t: avoid using a subshell via pipes.
* t/keyids-complete.t: fix key name checking.
* active-keys/: add new RSA4096-based X2Go Packages Automatic Signing Key.
* keyrings/: refresh signature.
* Makefile: make gpg binary pseudo-selectable via a variable, defaulting to
"gpg2".
* Makefile: manually try to clean up keyrings via --export | --import if the
filtering command that uses newer GnuPG 2 syntax fails.
* Makefile: switch back to unversioned gpg binary. Even gnupg1 should be
good enough on older system like Jessie.
* keyrings/x2go-archive-keyring.gpg.asc: refresh signature after actually
inserting the correct key.
* README.maintainer: update documentation. We want to update the keyrings
before signing them and also reference the maintainers keyring which DOES
get installed in our package.
* keyrings/: update signatures on all keyring files.
* Makefile: create empty keyring files if the index file is empty. Newer
GnuPG versions create keybox files by default, but we explicitly (or
rather implicitly through jetring touching keyring files before importing
actual data and thus bypassing keybox creation) don't want this.
* Makefile: for good measure, also verify signatures on
x2go-maintainers{,-removed-keys}/index.
* Makefile: we don't need keyrings/x2go-maintainers-removed-keys.gpg as a
prerequisite for checking index signatures.
* Makefile: likewise compare signatures on
keyrings/x2go-maintainers{,-removed-keys}.gpg. Doesn't really make a huge
difference for the x2go-maintainers keyring, but why not.
* Makefile: add maintonly target for generating gpg-1.4/2.0-style
keyrings.
* Makefile: fallback to old-style keyring signature checks if the default
new-style ones failed validation.
* README.maintainer: update documentation to include old-style keyrings and
their signatures.
* Makefile: do not require a full build and verification run for the
maintonly target.
* Makefile: do not try to run gpg1 to export and import keys if the keyrings
are actually empty.
* Makefile: add old-style keyrings to cleanup.
* keyrings/: refresh signatures on new-style keyrings.
* keyrings/: add signatures on old-style keyrings.
* .gitignore: refresh with old-style and vim backup files.
* Makefile: check file size on prerequisite, not the just-generated target
file.
* keyrings/: refresh signatures on all keyrings.
* t/no-expired.t: make mawk-compatible.
* debian/control:
- Change maintainer to the mailing list.
- Add the old package maintainer to the Uploaders field and myself.
- Add build dependency upon jetring to create keyring files more easily.
- Add build dependency upon gnupg, needed anyway. We probably want a
fallback to gnupg2, but that might be a bit more tricky.
- Add Multi-Arch: foreign. As long as we can execute the build
dependencies, we don't care about their architecture.
- Replace gnupg Recommends with a version-less one. By now, the version
should be new enough in any case.
- Add ${misc:Depends}, mostly for good measure.
- Add build-dependency upon bash.
- Add build-dependency upon coreutils.
- Add build-dependency on debhelper >= 7.
- Bump up dh dependency to 9.
- Make sure we pull in gnupg2 on older Debian versions.
- Depend on gnupg package only. Making sure that gnupg2 is getting
installed unless such a package doesn't exist is too complicated. A
dependency such as "gnupg2 | gnupg" sadly doesn't work, because gnupg is
a base package and hence always installed, which immediately fulfils the
dependency.
* debian/rules:
- Simplify file... a lot.
- Don't use --no-parallel with dh commands in compat-9-mode.
* debian/:
- Add docs file, installing README.
- Add install file, installing actual data.
- Add postrm file, copied from debian-archive-keyring.
- Remove prerm.template.
- Add compat file, using dh-9 features.
* debian/postinst:
- Sync with debian-archive-keyring package.
- Update version for removals to 2019.08.04.
* debian/install:
- Clear out. We don't need this any longer since the Makefile stages all
files to the correct location.
* debian/postrm:
- Don't try to remove a symlink that never existed.
Regards,
Mihai Moldovan
signature.asc
Description: OpenPGP digital signature
_______________________________________________ x2go-announcements mailing list x2go-announcements@lists.x2go.org https://lists.x2go.org/listinfo/x2go-announcements
