CondorCORE/condorcore-keyring
CondorCORE/condorcore-keyring
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Arch Linux CondorCore repo PGP keyring
349 Commits 7 Branches 112 Tags 19 MiB
Python 96.8%
Makefile 1.9%
Shell 1.3%
49ff2df1fc
Go to file
David Runge 49ff2df1fc
keyringctl: Implement filtering of certifications 
keyringctl:
Add `get_fingerprints_from_import_source()` to derive all fingerprints
of PGP public keys found in the import source.
Add `get_fingerprints_from_decomposed_dir()` to derive all fingerprints
of PGP public keys found in a directory structure holding decomposed PGP
packet data.
Add `get_fingerprints()` to derive a set of fingerprints of PGP public
keys provided through `get_fingerprints_from_import_source()` and
`get_fingerprints_from_decomposed_dir()`.
Change `convert()` and `convert_certificate()` to accept an optional set
of strings (`fingerprint_filter`) that may be used as a filter for
valid fingerprints when considering certifications.
Change `__main__` to call `convert()` when importing keys to packager or
main dir, providing `fingerprint_filter` which will attempt to look up
fingerprints in the source as well as the target.
2021-11-30 22:54:08 +01:00
.gitlab Update merge request templates 2021-08-18 17:00:51 +00:00
master Update keyring 2021-09-02 22:07:09 +02:00
master-revoked Update keyring 2020-01-08 14:44:28 +01:00
packager Update keyring 2021-11-30 00:18:53 +01:00
packager-revoked Update keyring 2021-11-30 00:18:53 +01:00
.editorconfig editorconfig: Extend for yaml files 2021-11-30 22:54:07 +01:00
.flake8 Add flake8 configuration 2021-11-30 22:54:06 +01:00
.gitattributes Remove unused files from source package 2017-05-26 08:51:44 +02:00
.gitignore Ignore IDE configuration 2017-05-26 08:23:34 +02:00
.gitlab-ci.yml gitlab-ci: Run lint, build and install 2021-11-30 22:54:08 +01:00
archlinux-revoked Update keyring 2021-08-18 23:52:26 +02:00
archlinux-trusted Update keyring 2021-06-11 08:52:53 +02:00
archlinux.gpg Update keyring 2021-11-30 00:18:53 +01:00
CONTRIBUTING.md Add contribution guidelines 2021-11-30 22:54:06 +01:00
keyringctl keyringctl: Implement filtering of certifications 2021-11-30 22:54:08 +01:00
LICENSE Add GPL-3.0-or-later license file 2021-07-29 07:48:34 +02:00
Makefile Makefile: Change to use new targets 2021-11-30 22:54:07 +01:00
master-keyids Add main key dvzrv 2021-05-08 20:35:53 +02:00
master-revoked-keyids Revoke thomas' master key 2019-10-11 21:49:49 +02:00
packager-keyids Add new packager key of Massimiliano Torromeo (mtorromeo) 2021-11-30 00:07:40 +01:00
packager-revoked-keyids removal of Alad Wenter (alad) 2021-08-18 23:39:08 +02:00
pyproject.toml Add pyproject.toml with tooling configuration 2021-11-30 22:54:06 +01:00
README.md README: Add new default sections and cleanup 2021-11-30 22:54:07 +01:00
update-keys update-keys: switch to keyserver keyserver.ubuntu.com 2021-08-02 13:23:39 +02:00

README.md

archlinux-keyring

The archlinux-keyring project holds PGP packet material and tooling (keyringctl) to create the distribution keyring for Arch Linux. The keyring is used by pacman to establish the web of trust for the packagers of the distribution.

The PGP packets describing the main signing keys can be found below the main directory, while those of the packagers are located below the packagers directory.

Requirements

The following packages need to be installed to be able to create a PGP keyring from the provided data structure and to install it:

  • make
  • python
  • sequoia-sq

Installation

To install archlinux-keyring system-wide use the included Makefile:

make install

Contribute

Development of archlinux-keyring takes place on Arch Linux' Gitlab: https://gitlab.archlinux.org/archlinux/archlinux-keyring.

Please read our distribution-wide Code of Conduct before contributing, to understand what actions will and will not be tolerated.

Read our contributing guide to learn more about how to provide fixes or improvements for the code base and how to add, update or remove key material.

Discussion around archlinux-keyring may take place on the arch-projects mailing list and in #archlinux-projects on Libera Chat.

All past and present authors of archlinux-keyring are listed in AUTHORS.

Releases

Releases of archlinux-keyring are created by its current maintainer Christian Hesse. Tags are signed using the PGP key with the ID 02FD1C7A934E614545849F19A6234074498E9CEE.

To verify a tag, first import the relevant PGP key:

gpg --auto-key-locate wkd --search-keys eworm@archlinux.org

Afterwards a tag can be verified from a clone of this repository:

git verify-tag <tag>

License

Archlinux-keyring is licensed under the terms of the GPL-3.0-or-later (see LICENSE).