Arch Linux

Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines

Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.

REPEAT: Do NOT report bugs for outdated packages!
Tasklist

FS#72237 - [libass] use pgp key

Attached to Project: Arch Linux
Opened by T.J. Townsend (blakkheim) - Saturday, 25 September 2021, 15:34 GMT
Last edited by Evangelos Foutras (foutrelis) - Tuesday, 23 August 2022, 01:48 GMT
Task Type Bug Report
Category Packages: Extra
Status Closed
Assigned To Maxime Gauduin (Alucryd)
Architecture All
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

Description:
The libass package has a "validpgpkeys" line but does not actually make use of it. This diff adds the missing "?signed" marker to the source line.

Additional info:
The tags are signed, but commits are not.
   libass.diff (0.5 KiB)
This task depends upon

Closed by  Evangelos Foutras (foutrelis)
Tuesday, 23 August 2022, 01:48 GMT
Reason for closing:  Fixed
Additional comments about closing:  Changed in trunk to build from signed tarballs.
Comment by T.J. Townsend (blakkheim) - Saturday, 23 October 2021, 21:49 GMT
Ping
Comment by T.J. Townsend (blakkheim) - Wednesday, 09 March 2022, 17:09 GMT
Ping
Comment by T.J. Townsend (blakkheim) - Wednesday, 03 August 2022, 18:46 GMT
Ping
Comment by T.J. Townsend (blakkheim) - Friday, 12 August 2022, 15:13 GMT
Updated diff
   libass-v2.diff (0.7 KiB)
Comment by Evangelos Foutras (foutrelis) - Tuesday, 23 August 2022, 01:47 GMT
The issue with tags is that they can be changed to point to another commit (thus the need for hash pinning). For this particular package, the simpler solution is to use the signed tarball offered by upstream.

Loading...