commit: 4751eb73831a1fd01f3dcc2caf4ac6911f93b474 Author: Michał Górny <mgorny <AT> gentoo <DOT> org> AuthorDate: Sun Oct 19 15:53:32 2025 +0000 Commit: Michał Górny <mgorny <AT> gentoo <DOT> org> CommitDate: Thu Oct 23 18:18:59 2025 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4751eb73
verify-sig.eclass: Append a trailing newline to gpg --verify output Explicitly append a trailing newline to the output stream created by "gpg --verify", to ensure it always contains one. The FreePG patchset to GPG corrects handling the trailing newlines in cleartext signed messages, which means that GPG-created "incorrect" messages no longer include a trailing newline character [1]. We are parsing the checksum file via bash's "read" command that ignores the characters after the final newline character, so we need to ensure that one is always present after the ultimate checksum. Adding an extra newline to vanilla GnuPG output causes no harm, as the verification function will simply ignore the resulting empty line. [1] https://gitlab.com/freepg/gnupg/-/blob/a4e8d23439f1e101da3e335b3beab822be968d56/DIFF.md#handle-cleartext-signature-framework-csf-messages-correctly Signed-off-by: Michał Górny <mgorny <AT> gentoo.org> eclass/verify-sig.eclass | 1 + 1 file changed, 1 insertion(+) diff --git a/eclass/verify-sig.eclass b/eclass/verify-sig.eclass index 1cd3e1010ae5..4e38d327b838 100644 --- a/eclass/verify-sig.eclass +++ b/eclass/verify-sig.eclass @@ -380,6 +380,7 @@ _gpg_verify_signed_checksums() { verify-sig_verify_unsigned_checksums - "${algo}" "${files}" < <( verify-sig_verify_message "${checksum_file}" - "${key}" + echo ) }
