* Baptiste Beauplat <lykn...@debian.org> [2024-12-04 22:17]:
On Wed, 2024-12-04 at 20:57 +0100, Jochen Sprickerhof wrote:
* Baptiste Beauplat <lykn...@debian.org> [2024-12-04 20:19]:
> A recent failure in snapshot CI[1] prompted us a new behavior from
> debsnap.
>
> Indeed, since 12272acf[2], debsnap now checks unconditionally dsc files
> for a good signature.
>
> We use a local keyring to sign the packages for the CI and I was going
> to do a fix for the CI specifically but thinking about it, it seems
> that snapshot does not guarantee that package signatures will be valid
> against a given host keyring.
>
> The key might have been revoked or removed from the keyring.
>
> For instance: on my sid box, `debsnap coreutils 8.21-1.2` fails.

Sorry for breaking the CI, that was not intended. The discussion on this
was in:

https://salsa.debian.org/debian/devscripts/-/merge_requests/434

That's no trouble.

> I'm not sure what the correct course of action is here, making that check
> optional? Disabled or enabled by default, with a way to override it?

I think making it a warning would make sense. Do you want to send a MR?

I'd rather let the people involved in the discussion have a go at it
since they are more familiar with the code and the subject than me.

I have opened an MR here:

https://salsa.debian.org/debian/devscripts/-/merge_requests/442

Cheers Jochen

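The distinction raised in this thread (a signing key that was revoked or removed from the host keyring, versus a signature that does not verify), as an added example that is not part of the original messages or of devscripts: it triages `gpgv --status-fd` status lines into ok / warn / fail. The warn/fail policy, the `triage` name and the sample lines are constructed assumptions, not what the merge request implements.

```python
"""Added illustration: triage gpgv --status-fd output for an archived .dsc."""

# GnuPG status keywords that describe the key, not the signed data.
KEY_STATE = {
    "NO_PUBKEY": "signing key is not in the keyring",
    "REVKEYSIG": "signature is good but the key has been revoked",
    "EXPKEYSIG": "signature is good but the key has expired",
}


def triage(status_text):
    """Return (verdict, reason); verdict is 'ok', 'warn' or 'fail'."""
    seen = {}
    for line in status_text.splitlines():
        if not line.startswith("[GNUPG:] "):
            continue  # human-readable gpgv output, not a status line
        fields = line.split()
        if len(fields) >= 2:
            seen.setdefault(fields[1], fields[2:])
    # A bad signature means the file differs from what was signed: never a warning.
    if "BADSIG" in seen:
        return "fail", "signature does not match the file contents"
    if "GOODSIG" in seen and "VALIDSIG" in seen:
        return "ok", "good signature from " + (seen["VALIDSIG"] or ["?"])[0]
    # Expected for old uploads: the keyring changed, the file did not (assumed policy).
    for keyword, reason in KEY_STATE.items():
        if keyword in seen:
            return "warn", reason
    return "fail", "no signature status reported"


# Constructed status lines; key ids, fingerprint and names are placeholders.
KEYID = "0123456789ABCDEF"
FPR = "A" * 40
SAMPLES = {
    "good": f"[GNUPG:] GOODSIG {KEYID} Constructed Uploader\n"
            f"[GNUPG:] VALIDSIG {FPR} 2013-01-01 1357000000",
    "missing": f"[GNUPG:] ERRSIG {KEYID} 1 8 01 1357000000 9\n"
               f"[GNUPG:] NO_PUBKEY {KEYID}",
    "revoked": f"[GNUPG:] REVKEYSIG {KEYID} Constructed Uploader\n"
               f"[GNUPG:] VALIDSIG {FPR} 2013-01-01 1357000000",
    "tampered": f"[GNUPG:] BADSIG {KEYID} Constructed Uploader",
    "unsigned": "gpgv: no valid OpenPGP data found.\n[GNUPG:] NODATA 1",
}

if __name__ == "__main__":
    for name, text in SAMPLES.items():
        print(name, *triage(text))
```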