Hello, On 9/25/18 10:53 PM, Bjoern Voigt wrote:
The macro %gpg_verify is unavailable (tested with Tumbleweed). What is currently the right way to verify GPG signatures of sources?
The functionality of this macro was completely replaced by the verify_source source service which runs automatically during check-in and build. If the package contains a %name.keyring, that keyring will be used to very any .asc/.sign file against matching .tar/.tar.gz etc. without further need to add anything in the spec file.
What is a good example package for GPG verification?
grep.
Andreas
--
Andreas Stieger