rpms/python-dateutil
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Check tarball signature

Browse Source 
I cannot really check that the key is valid, apart from the fact that
the person in control of the github repository uploaded a signature
with this key. So this check is nothing more than TOFU, but I think
it's still useful for the future.
This commit is contained in:
Zbigniew Jędrzejewski-Szmek 2016-05-04 21:54:52 -04:00
parent a099a842b2
commit 62b41f9003
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
python-dateutil.spec
View File

@ -10,9 +10,12 @@ Group: Development/Languages
License: Python
URL: https://github.com/dateutil/dateutil
Source0: https://github.com/dateutil/dateutil/releases/download/%{version}/python-dateutil-%{version}.tar.xz
Source1: https://github.com/dateutil/dateutil/releases/download/%{version}/python-dateutil-%{version}.tar.xz.asc
Source2: key-D964BEFB.gpg
BuildArch: noarch
BuildRequires: python-sphinx
BuildRequires: gnupg2
%description
The dateutil module provides powerful extensions to the standard datetime
@ -56,6 +59,7 @@ Summary: API documentation for python-dateutil
This package contains %{summary}.
%prep
gpgv2 --homedir . --keyring %{SOURCE2} %{SOURCE1} %{SOURCE0}
%autosetup -p0
iconv --from=ISO-8859-1 --to=UTF-8 NEWS > NEWS.new
mv NEWS.new NEWS