summaryrefslogtreecommitdiff
path: root/app-crypt/yubikey-manager/yubikey-manager-4.0.9.ebuild
diff options
context:
space:
mode:
Diffstat (limited to 'app-crypt/yubikey-manager/yubikey-manager-4.0.9.ebuild')
-rw-r--r--app-crypt/yubikey-manager/yubikey-manager-4.0.9.ebuild18
1 files changed, 10 insertions, 8 deletions
diff --git a/app-crypt/yubikey-manager/yubikey-manager-4.0.9.ebuild b/app-crypt/yubikey-manager/yubikey-manager-4.0.9.ebuild
index 8d1ff491bab0..9a19b508f3a1 100644
--- a/app-crypt/yubikey-manager/yubikey-manager-4.0.9.ebuild
+++ b/app-crypt/yubikey-manager/yubikey-manager-4.0.9.ebuild
@@ -6,21 +6,22 @@ EAPI=8
PYTHON_COMPAT=( python3_{8..11} )
DISTUTILS_USE_PEP517=poetry
-inherit distutils-r1
+inherit distutils-r1 verify-sig
DESCRIPTION="Python library and command line tool for configuring a YubiKey"
HOMEPAGE="https://developers.yubico.com/yubikey-manager/"
-# Per https://github.com/Yubico/yubikey-manager/issues/217, Yubico is
-# the official source for tarballs, not Github.
-# Unfortunately in spite of having been mentioned on the Release Notes
-# page since mid-July, as of mid-August 2022 there is still no trace
-# of an official 4.0.9 tarball.
-SRC_URI="https://github.com/Yubico/yubikey-manager/releases/download/${PV}/${P}.tar.gz -> ${P}.gh.tar.gz"
+# According to https://github.com/Yubico/yubikey-manager/issues/518 the release
+# tarballs on Yubico Web site and on GitHub should be identical, and at least
+# for recent releases the latter are signed as well. Only the automatically
+# generated "Source code (tar.gz)" tarballs should not be used.
+SRC_URI="https://github.com/Yubico/${PN}/releases/download/${PV}/${P}.tar.gz -> ${P}.gh.tar.gz
+ verify-sig? ( https://github.com/Yubico/${PN}/releases/download/${PV}/${P}.tar.gz.sig -> ${P}.gh.tar.gz.sig )"
LICENSE="BSD-2"
SLOT="0"
KEYWORDS="~amd64 ~arm64 ~ppc64 ~riscv ~x86"
IUSE="ssl"
+VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}/usr/share/openpgp-keys/yubico.com.asc"
# app-crypt/ccid required for
# - 'ykman oath'
@@ -34,7 +35,8 @@ RDEPEND="
dev-python/pyscard[${PYTHON_USEDEP}]
ssl? ( >=dev-python/pyopenssl-0.15.1[${PYTHON_USEDEP}] )"
BDEPEND="
- test? ( dev-python/makefun[${PYTHON_USEDEP}] )"
+ test? ( dev-python/makefun[${PYTHON_USEDEP}] )
+ verify-sig? ( >=sec-keys/openpgp-keys-yubico-20220824 )"
distutils_enable_tests pytest
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-11 18:15:08 +0000