jodersky / sbt-gpg

Simple and secure artifact signing for sbt.

Support for gpg2 #8

Closed pnerg closed 5 years ago

pnerg commented 5 years ago

Many on MacOS use gpg2 to sign files. Whilst it's possible to configure gpgCommand := "/usr/local/bin/gpg2", it would be nice if the plugin could autodetect that gpg2 is installed and use it by default.

jodersky commented 5 years ago

That's interesting, does gpg --version confirm that it is in fact using gpg version 1? I'm asking because on Linux (Debian 10) /usr/bin/gpg2 is only a symlink to /usr/bin/gpg, which actually is version 2.

SethTisue commented 5 years ago

fwiw, on my MacOS system which I manage using Homebrew:

% brew upgrade gpg
Error: gpg 2.2.11 already installed
% which gpg
/usr/local/bin/gpg
% gpg --version
gpg (GnuPG) 2.2.11
...
% gpg2
zsh: correct 'gpg2' to 'gpg' [nyae]? n
zsh: command not found: gpg2
% brew install gpg2
Warning: gnupg 2.2.11 is already installed and up-to-date
To reinstall 2.2.11, run `brew reinstall gnupg`

jodersky commented 5 years ago

That's good news! I do want to encourage users to use the latest gpg, however I'm somewhat reluctant to add any kind of special logic to the plugin to determine which gpg binary to use.

IMO this plugin should just be a dumb proxy to gpg. The user is already able to override gpg globally in their environment, for example with ln -s /usr/bin/gpg2 ~/bin/gpg (this works because the default gpg command is just "gpg", not a hardcoded path such as "/usr/bin/gpg"). In case both gpg versions are required in a user's environment, then there is always the option of overriding gpgCommand, per project or even globally.

Often times, sbt-gpg is not the only component to require gpg in a software project. In the same spirit as #5, I think it is out of scope for this plugin to get special treatment for global gpg options.
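
The question raised in the thread (what a bare `gpg` or `gpg2` resolves to on PATH, and whether it is GnuPG 1 or 2) can be checked in the shell that launches sbt with something like the following. This is an added example, not part of the original thread or of sbt-gpg; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not sbt-gpg code): report which binary the bare command
# names "gpg" and "gpg2" resolve to, and which GnuPG major version each is.

# Extract the major version from the first line of `gpg --version` output,
# e.g. "gpg (GnuPG) 2.2.11" -> "2". Prints nothing if the line is not a
# GnuPG banner (for instance a shell error message).
gpg_major_from_banner() {
    printf '%s\n' "$1" |
        sed -n '1s/^gpg (GnuPG[^)]*) \([0-9][0-9]*\)\..*$/\1/p'
}

# Describe one command name: resolved path, symlink target (if any),
# and GnuPG major version. Returns 1 if the name is not on PATH.
describe_gpg() {
    name=$1
    path=$(command -v "$name" 2>/dev/null) || {
        echo "$name: not found on PATH"
        return 1
    }
    # On some systems gpg2 is only a symlink to gpg; show the target.
    if [ -L "$path" ]; then
        path="$path -> $(readlink "$path")"
    fi
    banner=$("$name" --version 2>/dev/null | head -n 1)
    major=$(gpg_major_from_banner "$banner")
    echo "$name: $path (GnuPG major version: ${major:-unknown})"
}

# Check both names discussed in the thread; a missing one is not an error.
for cmd in gpg gpg2; do
    describe_gpg "$cmd" || true
done
```

Because the plugin's default command is just "gpg", the first line of output describes the binary that would be used for signing unless `gpgCommand` is overridden.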