On 23/08/2018 20:01, s...@apache.org wrote: > Author: sebb > Date: Thu Aug 23 18:01:30 2018 > New Revision: 1838746 > > URL: http://svn.apache.org/viewvc?rev=1838746&view=rev > Log: > SVN-4736 - fix gpg command > > Modified: > subversion/site/staging/download.html > > Modified: subversion/site/staging/download.html > URL: > http://svn.apache.org/viewvc/subversion/site/staging/download.html?rev=1838746&r1=1838745&r2=1838746&view=diff > ============================================================================== > --- subversion/site/staging/download.html (original) > +++ subversion/site/staging/download.html Thu Aug 23 18:01:30 2018 > @@ -253,7 +253,7 @@ Other mirrors: > <em>or</em><br /> > <code> > % gpg --import subversion.asc<br /> > -% gpg --verify subversion-[version].tar.gz.asc > +% gpg --verify subversion-[version].tar.gz.asc subversion-[version].tar.gz Testing GPG locally (2.2.8 - Windows 10 - bundled version with Gpg4Win 3.1.2) running the command w/o specifying the filename of the gz archive works fine: "gpg: assuming signed data in 'subversion-1.10.2.tar.bz2' [...]"
Is this command problematic with older GPG versions? If not, why not keep the command as short as possible and rely on the default resolution of the archive name? > </code></p> > > <p>Alternatively, you can verify the checksums on the >
smime.p7s
Description: S/MIME Cryptographic Signature
