>>>>> On Tue, 06 Oct 2020, Michał Górny wrote: > Signed-off-by: Michał Górny <mgo...@gentoo.org> > --- > app-crypt/openpgp-keys-miniupnp/Manifest | 2 ++ > app-crypt/openpgp-keys-miniupnp/metadata.xml | 9 ++++++++ > .../openpgp-keys-miniupnp-20201006.ebuild | 23 +++++++++++++++++++ > 3 files changed, 34 insertions(+) > create mode 100644 app-crypt/openpgp-keys-miniupnp/Manifest > create mode 100644 app-crypt/openpgp-keys-miniupnp/metadata.xml > create mode 100644 > app-crypt/openpgp-keys-miniupnp/openpgp-keys-miniupnp-20201006.ebuild
> diff --git a/app-crypt/openpgp-keys-miniupnp/Manifest > b/app-crypt/openpgp-keys-miniupnp/Manifest > new file mode 100644 > index 000000000000..c8f82da42fa6 > --- /dev/null > +++ b/app-crypt/openpgp-keys-miniupnp/Manifest > @@ -0,0 +1,2 @@ > +DIST A31ACAAF.asc 3139 BLAKE2B > 4574c3f37965fafa4e2d703276a585d1f17b0da862042620681bac591062b3b70c52cbe5481da543d3c3193a640c06e9d86c3cef1568ae3a3f62901a6ad200ab > SHA512 > ecad52850fdcc7c21bab81917b3cea85c48b751534427d3db5750c43cbce73916ec4879e4f5535d4b87b7eca927ad249e384c5597702a0052afa89c23c5719b9 > +DIST A5C0863C.asc 3098 BLAKE2B > fdbc8629fd462b9cc72c568b0af5607951055abc03a1e344e4c1b411fb87bfa285c2e29d2781f9e9b02ec0bc63eacf55e5dc19198056a417ba3358dba445cc0c > SHA512 > adebff655374dbc8a045f9ab148f9fc343b043e80cb7e4e14c66aa56bfb2f0f5521e294c7600ca708893efc84679f788116d82ef5818370f1425f03dea0a77b9 > diff --git a/app-crypt/openpgp-keys-miniupnp/metadata.xml > b/app-crypt/openpgp-keys-miniupnp/metadata.xml > new file mode 100644 > index 000000000000..5a5a3aaf4299 > --- /dev/null > +++ b/app-crypt/openpgp-keys-miniupnp/metadata.xml > @@ -0,0 +1,9 @@ > +<?xml version="1.0" encoding="UTF-8"?> > +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd";> > +<pkgmetadata> > + <maintainer type="person"> > + <email>mgo...@gentoo.org</email> > + <name>Michał Górny</name> > + </maintainer> > + <stabilize-allarches/> > +</pkgmetadata> > diff --git > a/app-crypt/openpgp-keys-miniupnp/openpgp-keys-miniupnp-20201006.ebuild > b/app-crypt/openpgp-keys-miniupnp/openpgp-keys-miniupnp-20201006.ebuild > new file mode 100644 > index 000000000000..4b07eeca6024 > --- /dev/null > +++ b/app-crypt/openpgp-keys-miniupnp/openpgp-keys-miniupnp-20201006.ebuild > @@ -0,0 +1,23 @@ > +# Copyright 1999-2020 Gentoo Authors > +# Distributed under the terms of the GNU General Public License v2 > + > +EAPI=7 > + > +DESCRIPTION="OpenPGP keys used to sign miniupnp* packages" > +HOMEPAGE="http://miniupnp.free.fr/files/"; > +SRC_URI=" > + http://miniupnp.free.fr/A31ACAAF.asc > + http://miniupnp.free.fr/A5C0863C.asc > +" > + > +LICENSE="public-domain" > +SLOT="0" > +KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv > s390 sparc x86" > + > +S=${WORKDIR} > + > +src_install() { > + local files=( ${A} ) > + insinto /usr/share/openpgp-keys > + newins - miniupnp.asc < <(cat "${files[@]/#/${DISTDIR}/}") > +} > -- > 2.28.0 This relies again on Manifest digests for the integrity of the key distfiles themselves. What do we gain by this indirection, as compared to validating the distfiles of the target package by their Manifest? Ulrich
signature.asc
Description: PGP signature
