Enable OpenPGP signature verification (Closes: #610712)
add a new opts= option for debian/watch files: pgpsigurlmangle.
if this option is present and the file debian/upstream-signing-key.pgp
exists (as an OpenPGP keyring) uscan will try to fetch the detached
signature based on the mangled URL, and verify it against the key(s)
stored in the keyring.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
parent
8ae9def2
Please register or sign in to comment