commit: 220e84c85339d21f4d1d595c1c8351b386b63d52 Author: Sam James <sam <AT> gentoo <DOT> org> AuthorDate: Tue Feb 10 04:14:48 2026 +0000 Commit: Sam James <sam <AT> gentoo <DOT> org> CommitDate: Tue Feb 10 04:18:58 2026 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=220e84c8
sec-keys.eclass: fix src_test with expired subkeys We need to keep expired subkeys in src_test too, otherwise we can get spurious test failures both from the inconsistency vs src_compile and it's also not a difference we care about either (and in fact losing such an expired subkey could cause failures to verify some distfile). Bug: https://bugs.gentoo.org/967745 Fixes: c74965ebc0f5455522979ae6470785a763d5706d Reviewed-by: Eli Schwartz <eschwartz <AT> gentoo.org> Signed-off-by: Sam James <sam <AT> gentoo.org> eclass/sec-keys.eclass | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/eclass/sec-keys.eclass b/eclass/sec-keys.eclass index 23b2f16a2b6e..ca1b4de57241 100644 --- a/eclass/sec-keys.eclass +++ b/eclass/sec-keys.eclass @@ -168,7 +168,11 @@ sec-keys_src_compile() { sec-keys_src_test() { local -x GNUPGHOME=${WORKDIR}/gnupg local key fingerprint name server - local gpg_command=(gpg --export-options export-minimal) + if has_version -b ">=app-crypt/gnupg-2.5.17"; then + local gpg_command=(gpg --export-options export-minimal,keep-expired-subkeys) + else + local gpg_command=(gpg --export-options export-minimal) + fi # Best-effort attempt to check for updates. keyservers can and usually # do fail for weird reasons, (such as being unable to import a key
