commit: 4c61c0919a5350df2c4b8c7059a2d6ca58e3a0a5 Author: Sam James <sam <AT> gentoo <DOT> org> AuthorDate: Mon Feb 16 05:53:04 2026 +0000 Commit: Sam James <sam <AT> gentoo <DOT> org> CommitDate: Mon Feb 16 06:01:35 2026 +0000 URL: https://gitweb.gentoo.org/proj/portage.git/commit/?id=4c61c091
emaint: sync: implement `sync-openpgp-key-package` In repos.conf, `sync-openpgp-key-package` can now be set to a package which should receive early updates. Portage will warn if an update is available for that package after syncing, like it does for itself. One of the motivations here is to allow app-portage/getuto to skip aggressive key refreshes which can be quite time-comsuming. Bug: https://bugs.gentoo.org/968578 Signed-off-by: Sam James <sam <AT> gentoo.org> NEWS | 5 +++++ lib/portage/emaint/modules/sync/sync.py | 16 +++++++++++++--- lib/portage/repository/config.py | 4 ++++ man/portage.5 | 5 +++++ 4 files changed, 27 insertions(+), 3 deletions(-) diff --git a/NEWS b/NEWS index de17a54db5..d2ec1ecbb8 100644 --- a/NEWS +++ b/NEWS @@ -49,6 +49,11 @@ Features: * emerge: Warn on installed packages in @world without ebuilds available (bug #911180). +* repos.conf: Implement sync-openpgp-key-package (bug #968578). + + Portage will notify the user if a named package has an update available, + like it does for itself, after a sync. + Bug fixes: * man: portage(5): Document that binrepos.conf location must be unique. diff --git a/lib/portage/emaint/modules/sync/sync.py b/lib/portage/emaint/modules/sync/sync.py index eca52e2419..9311eee477 100644 --- a/lib/portage/emaint/modules/sync/sync.py +++ b/lib/portage/emaint/modules/sync/sync.py @@ -303,13 +303,23 @@ class SyncRepos: self.emerge_config.target_config.settings.get("CONFIG_PROTECT", "").split(), ) + msgs = [] + if "--quiet" in self.emerge_config.opts: + return msgs + early_update_packages = { "Portage": portage.const.PORTAGE_PACKAGE_ATOM, } - msgs = [] - if "--quiet" in self.emerge_config.opts: - return msgs + repos = self.emerge_config.target_config.settings.repositories + for repo in repos: + try: + key_package = repo.sync_openpgp_key_package + if not key_package: + continue + early_update_packages[f"OpenPGP keys ({repo.name})"] = key_package + except AttributeError: + continue porttree = self.emerge_config.target_config.trees["porttree"] vartree = self.emerge_config.target_config.trees["vartree"] diff --git a/lib/portage/repository/config.py b/lib/portage/repository/config.py index f3331db7f9..16b9ae701f 100644 --- a/lib/portage/repository/config.py +++ b/lib/portage/repository/config.py @@ -145,6 +145,7 @@ class RepoConfig: "sync_depth", "sync_hooks_only_on_change", "sync_openpgp_keyserver", + "sync_openpgp_key_package", "sync_openpgp_key_path", "sync_openpgp_key_refresh", "sync_openpgp_key_refresh_retry_count", @@ -269,6 +270,7 @@ class RepoConfig: repo_opts.get("sync-openpgp-keyserver", "").strip().lower() or None ) + self.sync_openpgp_key_package = repo_opts.get("sync-openpgp-key-package", None) self.sync_openpgp_key_path = repo_opts.get("sync-openpgp-key-path", None) sync_openpgp_key_refresh = repo_opts.get( @@ -755,6 +757,7 @@ class RepoConfigLoader: "sync_depth", "sync_hooks_only_on_change", "sync_openpgp_keyserver", + "sync_openpgp_key_package", "sync_openpgp_key_path", "sync_openpgp_key_refresh", "sync_openpgp_key_refresh_retry_count", @@ -1316,6 +1319,7 @@ class RepoConfigLoader: "priority", "sync_depth", "sync_openpgp_keyserver", + "sync_openpgp_key_package", "sync_openpgp_key_path", "sync_openpgp_key_refresh_retry_count", "sync_openpgp_key_refresh_retry_delay_exp_base", diff --git a/man/portage.5 b/man/portage.5 index 19ed7fe5a0..51bd460423 100644 --- a/man/portage.5 +++ b/man/portage.5 @@ -1224,6 +1224,11 @@ Extra options to give to rsync on repository synchronization. It takes precedence over a declaration in [DEFAULT] section, that takes precedence over PORTAGE_RSYNC_EXTRA_OPTS. .TP +.B sync\-openpgp\-key\-package +Package name providing the keyring referenced in sync\-openpgp\-key\-path. +If set, Portage will notify the user when an update is available for +this package immediately after syncing. +.TP .B sync\-openpgp\-key\-path Path to the OpenPGP key(ring) used to verify received repository. Used only for protocols supporting cryptographic verification, provided
