From 9d0673651c57438d51e18c6b8ca894d0491b2df3 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Wed, 24 Aug 2022 20:48:34 +0100 Subject: gentoo auto-resync : 24:08:2022 - 20:48:33 --- app-crypt/yubikey-manager/yubikey-manager-4.0.9.ebuild | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) (limited to 'app-crypt/yubikey-manager/yubikey-manager-4.0.9.ebuild') diff --git a/app-crypt/yubikey-manager/yubikey-manager-4.0.9.ebuild b/app-crypt/yubikey-manager/yubikey-manager-4.0.9.ebuild index 8d1ff491bab0..9a19b508f3a1 100644 --- a/app-crypt/yubikey-manager/yubikey-manager-4.0.9.ebuild +++ b/app-crypt/yubikey-manager/yubikey-manager-4.0.9.ebuild @@ -6,21 +6,22 @@ EAPI=8 PYTHON_COMPAT=( python3_{8..11} ) DISTUTILS_USE_PEP517=poetry -inherit distutils-r1 +inherit distutils-r1 verify-sig DESCRIPTION="Python library and command line tool for configuring a YubiKey" HOMEPAGE="https://developers.yubico.com/yubikey-manager/" -# Per https://github.com/Yubico/yubikey-manager/issues/217, Yubico is -# the official source for tarballs, not Github. -# Unfortunately in spite of having been mentioned on the Release Notes -# page since mid-July, as of mid-August 2022 there is still no trace -# of an official 4.0.9 tarball. -SRC_URI="https://github.com/Yubico/yubikey-manager/releases/download/${PV}/${P}.tar.gz -> ${P}.gh.tar.gz" +# According to https://github.com/Yubico/yubikey-manager/issues/518 the release +# tarballs on Yubico Web site and on GitHub should be identical, and at least +# for recent releases the latter are signed as well. Only the automatically +# generated "Source code (tar.gz)" tarballs should not be used. +SRC_URI="https://github.com/Yubico/${PN}/releases/download/${PV}/${P}.tar.gz -> ${P}.gh.tar.gz + verify-sig? ( https://github.com/Yubico/${PN}/releases/download/${PV}/${P}.tar.gz.sig -> ${P}.gh.tar.gz.sig )" LICENSE="BSD-2" SLOT="0" KEYWORDS="~amd64 ~arm64 ~ppc64 ~riscv ~x86" IUSE="ssl" +VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}/usr/share/openpgp-keys/yubico.com.asc" # app-crypt/ccid required for # - 'ykman oath' @@ -34,7 +35,8 @@ RDEPEND=" dev-python/pyscard[${PYTHON_USEDEP}] ssl? ( >=dev-python/pyopenssl-0.15.1[${PYTHON_USEDEP}] )" BDEPEND=" - test? ( dev-python/makefun[${PYTHON_USEDEP}] )" + test? ( dev-python/makefun[${PYTHON_USEDEP}] ) + verify-sig? ( >=sec-keys/openpgp-keys-yubico-20220824 )" distutils_enable_tests pytest -- cgit v1.2.3