That's a GnuPG thing, right? There's nothing in the script itself that does any prompting...
Yup, GPG asks for a password to unlock secret key.
(unless, of course, you're crazy enough not to have a password protecting it...)
Well, I just realized anyway that the script *should* run unattended when building from source on a user machine, independent of whether the user has gpg or not. So, unless package signing is an integral part of the build process, the signing should only be turned on by the maintainer, and be off by default everywhere else.
Exactly what I tought when I did that in the first place ^_^
-- L a p o L u c h i n i l a p o @ l a p o . i t w w w . l a p o . i t / http://www.megatokyo.it
