Debian Quality Assurance

debsig-verify (0.23) [PTS] [DDPO]

NEW: VCS has unreleased changes: 0.24 > 0.23

• Git: https://git.dpkg.org/git/dpkg/debsig-verify.git
• 
  Enter a full Vcs-* header, supported schemes are: Vcs-Bzr, Vcs-Cvs, Vcs-Darcs, Vcs-Git, Vcs-Hg, Vcs-Mtn, Vcs-Svn.
  For Vcs-Git append -b branch to select the branch name; append [subdir] if the debian/ directory is not in the repository root.
  The next upload will reset the information from the source package headers.
• Branch: main
• Path: debian/changelog
• Browser: https://git.dpkg.org/cgit/dpkg/debsig-verify.git
• Last scan: 2021-10-20 13:36:06+00
• Next scan: 2021-10-21 10:36:00+00
• Debian changelog in Git:

  debsig-verify (0.24) UNRELEASED; urgency=medium
  
    * Move GnuPG specific macros to the GnuPG backend module.
    * Rename gpgVerify() to sigVerify().
    * Add a new find_command() function.
    * Abstract the OpenPGP operations behind a frontend driver.
    * Move checkSigExist() from misc to openpgp module.
    * Documentation:
      - Update .gpg keyring references to .pgp in man page.
      - Mention OpenPGP instead of gpg in generic code comments.
    * Test suite:
      - Rename .gpg keyrings to .pgp.
      - Abstract OpenPGP details into debsig_openpgp_* functions.
      - Check OpenPGP backend availability.
      - Add sqop and sq OpenPGP backend support.
  
   -- Guillem Jover <guillem@debian.org>  Sat, 20 Mar 2021 01:50:00 +0100

• This branch is 13 commits ahead of tag 0.23
• Git log:

  commit 4b16e7f0c997e21605975bec98038843242d0a9b
  Author: Guillem Jover <guillem@debian.org>
  Date:   Wed May 19 01:21:41 2021 +0200
  
      doc: Clarify the requirement for OpenPGP keyrings
      
      The tools in general expect standard compliant OpenPGP keyrings, and not
      tool specific formats such as GnuPG keybox databases.
      
      Ref: #988646
      Prompted-by: Steve McIntyre <steve@einval.com>
  
  commit 5a6dce82929c2c4d883d228e643152ec5edb0c51
  Author: Guillem Jover <guillem@debian.org>
  Date:   Thu May 6 03:55:07 2021 +0200
  
      test: Remove obsolete and non-compliant test data
      
      These .deb archives contain old signatures that do not concatenate the
      debian-binary ar member, which is not compliant with the newer expected
      format. Remove them to avoid confusion, alongside the ancillary policies
      and keyrings.
      
      Reported-by: Charles Duffy <charles@dyfis.net>
  
  commit 1377779982e20c631224c656e90bfb6b6332af29
  Author: Guillem Jover <guillem@debian.org>
  Date:   Wed Mar 10 01:49:47 2021 +0100
  
      Move checkSigExist() from misc to openpgp module
      
      This function handles OpenPGP signatures.
  
  commit 42b763b68b292e75e7183d1b5b56ecb5c4041bf3
  Author: Guillem Jover <guillem@debian.org>
  Date:   Wed Mar 10 01:46:02 2021 +0100
  
      Abstract the OpenPGP operations behind a frontend driver
      
      Add an abstraction so that we can more easily add alternative
      OpenPGP backend implementations.
  
  commit 2def1a6ad4033e6f7111cd92994f1841268d065c
  Author: Guillem Jover <guillem@debian.org>
  Date:   Sat Mar 20 01:42:29 2021 +0100
  
      Add a new find_command() function
      
      This is imported from dpkg, because it currently does not provide it in
      libdpkg. Once that is done we can drop it.
  
  commit 08f951143d6296af78954e25b044d1bf018d59b1
  Author: Guillem Jover <guillem@debian.org>
  Date:   Wed Mar 10 01:30:00 2021 +0100
  
      test: Add sqop and sq OpenPGP backend support
      
      Prefer the sqop, over sq, over gpg when detecting the commands, but
      preserve the current Build-Depends order with gpg being preferred to
      sqop and sq.
  
  commit ff03579ecbf30758372cf1786910b1222a91c2a8
  Author: Guillem Jover <guillem@debian.org>
  Date:   Wed Mar 10 01:30:00 2021 +0100
  
      test: Check OpenPGP backend availability
      
      Detect whether we can find a required OpenPGP backend during test time.
  
  commit f693465364f62ea5d511d7ea172ecfe689af13ad
  Author: Guillem Jover <guillem@debian.org>
  Date:   Wed Mar 10 01:25:04 2021 +0100
  
      test: Abstract OpenPGP details into debsig_openpgp_* functions
      
      These were previously called debsig_*_gpg, which makes adding new
      backends problematic. And the detached signature code was inlined.
  
  commit 0ec08e7f8273459e8ae2e7589bdf0224d8d42248
  Author: Guillem Jover <guillem@debian.org>
  Date:   Wed Mar 10 01:10:38 2021 +0100
  
      doc: Mention OpenPGP instead of gpg in generic code comments
  
  commit 4aadd78ca6a7574974835e1c3ae3a33b244252a8
  Author: Guillem Jover <guillem@debian.org>
  Date:   Wed Mar 10 01:08:57 2021 +0100
  
      Rename gpgVerify() to sigVerify()
      
      The function should be a backend-neutral abstraction.
  
  commit 60e5fe0fcd7adce978e91b9cf97bbb529ded46a1
  Author: Guillem Jover <guillem@debian.org>
  Date:   Wed Mar 10 00:47:17 2021 +0100
  
      Move GnuPG specific macros to the GnuPG backend module
      
      Let's not pollute the generic code with backend-specific code.
  
  commit e28a48a29c2c516c96f7940bb14d3291b3927422
  Author: Guillem Jover <guillem@debian.org>
  Date:   Wed Mar 10 00:45:37 2021 +0100
  
      doc: Update .gpg keyring references to .pgp in man page.
      
      The standard is called OpenPGP, and GnuPG is just one implementation
      among several, even though a pretty wide-spread one. Use the more
      neutral name which is closer to the standard.
      
      Still reference the .gpg extensions for a transitional period.
  
  commit 159447644312f0b07f923d87ed71e8e34c167be5
  Author: Guillem Jover <guillem@debian.org>
  Date:   Wed Mar 10 00:45:37 2021 +0100
  
      test: Rename .gpg keyrings to .pgp
      
      The standard is called OpenPGP, and GnuPG is just one implementation
      among several, even though a pretty wide-spread one. Use the more
      neutral name which is closer to the standard.

Package: [Main page]

---

Back to the Debian Project homepage.

---