Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit8f76463

Browse files
committed
Update README with new key fingerprints
Thanksgitpython-developers#612 (comment)
1 parent1c1e984 commit8f76463

File tree

2 files changed

+9
-16
lines changed

2 files changed

+9
-16
lines changed

‎README.md

Lines changed: 8 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -132,19 +132,18 @@ This script shows how to verify the tarball was indeed created by the authors of
132132
this project:
133133

134134
```
135-
curl https://pypi.python.org/packages/7e/13/2a556eb97dcf498c915e5e04bb82bf74e07bb8b7337ca2be49bfd9fb6313/GitPython-2.1.5-py2.py3-none-any.whl\#md5\=d3ecb26cb22753f4414f75f721f6f626z > gitpython.whl
136-
curl https://pypi.python.org/packages/7e/13/2a556eb97dcf498c915e5e04bb82bf74e07bb8b7337ca2be49bfd9fb6313/GitPython-2.1.5-py2.py3-none-any.whl.asc > gitpython-signature.asc
135+
curl https://pypi.python.org/packages/5b/38/0433c06feebbfbb51d644129dbe334031c33d55af0524326266f847ae907/GitPython-2.1.8-py2.py3-none-any.whl#md5=6b73ae86ee2dbab6da8652b2d875013a > gitpython.whl
136+
curl https://pypi.python.org/packages/5b/38/0433c06feebbfbb51d644129dbe334031c33d55af0524326266f847ae907/GitPython-2.1.8-py2.py3-none-any.whl.asc > gitpython-signature.asc
137137
gpg --verify gitpython-signature.asc gitpython.whl
138138
```
139139

140140
which outputs
141141

142142
```
143-
gpg: Signature made Sat Jun 10 20:22:49 2017 CEST using RSA key ID 3B07188F
144-
gpg: Good signature from "Sebastian Thiel (In Rust I trust!) <byronimo@gmail.com>" [unknown]
145-
gpg: WARNING: This key is not certified with a trusted signature!
146-
gpg: There is no indication that the signature belongs to the owner.
147-
Primary key fingerprint: 4477 ADC5 977D 7C60 D2A7 E378 9FEE 1C6A 3B07 188F
143+
gpg: Signature made Mon Dec 11 17:34:17 2017 CET
144+
gpg: using RSA key C3BC52BD76E2C23BAC6EC06A665F99FA9D99966C
145+
gpg: issuer "byronimo@gmail.com"
146+
gpg: Good signature from "Sebastian Thiel (I do trust in Rust!) <byronimo@gmail.com>" [ultimate]
148147
```
149148

150149
You can verify that the keyid indeed matches the release-signature key provided in this
@@ -164,18 +163,12 @@ If you would like to trust it permanently, you can import and sign it:
164163

165164
```
166165
gpg --import ./release-verification-key.asc
167-
gpg --edit-key 9FEE1C6A3B07188F
166+
gpg --edit-key 88710E60
167+
168168
> sign
169169
> save
170170
```
171171

172-
Afterwards verifying the tarball will yield the following:
173-
```
174-
$ gpg --verify gitpython-signature.asc gitpython.whl
175-
gpg: Signature made Sat Jun 10 20:22:49 2017 CEST using RSA key ID 3B07188F
176-
gpg: Good signature from "Sebastian Thiel (In Rust I trust!) <byronimo@gmail.com>" [ultimate]
177-
```
178-
179172
###LICENSE
180173

181174
New BSD License. See the LICENSE file.

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp