gpg key used to sign releases has expired #397

fenrus75 · 2024-04-12T14:20:21Z

gpg --homedir .gnupg --status-fd 1 --verify /builddir/build/SOURCES/bemenu-0.6.21.tar.gz.asc /builddir/build/SOURCES/bemenu-0.6.21.tar.gz
gpg: Signature made Wed 13 Mar 2024 02:28:36 AM UTC
gpg: using RSA key 16B6B7CACAF339DECE9F154729317348D687B86B
gpg: Good signature from "Bemenu Upstream" [expired]
gpg: Note: This key has expired!
Primary key fingerprint: 16B6 B7CA CAF3 39DE CE9F 1547 2931 7348 D687 B86B

our distro buildsystem doesn't like us to build packages with "bad" keys for obvious reasons, and in light of all the recent paranoia it might be a good idea to refresh the key/etc

Cloudef · 2024-04-12T14:22:04Z

Thanks for notifying, I'll try to get it renewed soon.

fenrus75 · 2024-04-12T14:27:48Z

(oh and thank you for signing your releases, it's appreciated)

Cloudef · 2024-04-12T14:39:05Z

Should be updated now, might take time to populate

rieje · 2024-07-17T05:41:49Z

Is it expired again? I get:

bemenu-0.6.22.tar.gz ... Passed (WARNING: the key has expired.) from Arch's PKGBUILD.

Cloudef · 2024-07-19T03:59:58Z

Expiration date should be 2027-04-12

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

gpg key used to sign releases has expired #397

gpg key used to sign releases has expired #397

fenrus75 commented Apr 12, 2024

Cloudef commented Apr 12, 2024

fenrus75 commented Apr 12, 2024

Cloudef commented Apr 12, 2024

rieje commented Jul 17, 2024

Cloudef commented Jul 19, 2024

gpg key used to sign releases has expired #397

gpg key used to sign releases has expired #397

Comments

fenrus75 commented Apr 12, 2024

Cloudef commented Apr 12, 2024

fenrus75 commented Apr 12, 2024

Cloudef commented Apr 12, 2024

rieje commented Jul 17, 2024

Cloudef commented Jul 19, 2024