search

iustin / pyxattr

A python module for accessing filesystem Extended Attributes
https://pyxattr.k1024.org/
GNU Lesser General Public License v2.1
30 stars 15 forks source link

Broken signature for 0.6.1 #19

Closed lfos closed 5 years ago

lfos commented 5 years ago

It seems like you accidentally created a standard signature instead of a detached signature:

gpg: Signature made Wed 25 Jul 2018 12:06:59 AM CEST
gpg:                using RSA key CB94E3AA3B1755D61EBB19A5F66E3E419F84F4DE
gpg: Good signature from "Iustin Pop <iustin@k1024.org>" [unknown]
gpg:                 aka "Iustin Pop <iusty@k1024.org>" [unknown]
gpg:                 aka "Iustin Pop <iustin@debian.org>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: CB94 E3AA 3B17 55D6 1EBB  19A5 F66E 3E41 9F84 F4DE
gpg: WARNING: not a detached signature; file 'pyxattr-0.6.1.tar.gz' was NOT verified!
iustin commented 5 years ago

Oops, sorry for that. Yes, my bash history confirms I forgot -b to the gpg invokation.

All fixed now, thanks!

lfos commented 5 years ago

It seems like you forgot to fix the signature on https://pyxattr.k1024.org/downloads/ as well...

iustin commented 5 years ago

Indeed, thanks for the note! Fixed now.