Make watch file work + signature verification (!1) · Merge requests · Debian / opgpcard

John Scott requested to merge jscott/opgpcard:patch-1 into debian/master Aug 02, 2019

This fixes the watch file being broken and is based off the example on the wiki. To make the signature verification work, add your key like this.

Strangely, when I tried to verify the signature manually (without uscan), I got a bad signature:

$ gpg --verify opgpcard-0.2.0.tar.gz.asc
gpg: assuming signed data in 'opgpcard-0.2.0.tar.gz'
gpg: Signature made Fri 05 Apr 2019 07:19:20 AM EDT
gpg:                using EDDSA key 5E2B09E3B467240B7E6EFCFF4C8F909764A31421
gpg: key F305447AF806D46B: public key " <juga@riseup.net>" imported
gpg: Total number processed: 1
gpg:               imported: 1
gpg: BAD signature from " <juga@riseup.net>" [unknown]

Make watch file work + signature verification

Merge request reports