You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
33599e1 Remove guix-verify tool (laanwj)
Pull request description:
It doesn't look like anyone is using this, nor maintaining it, remove it from the repository.
Closes#151.
ACKs for top commit:
achow101:
ACK 33599e1
Tree-SHA512: d5d928ad6fbee207a584959329fc7e9e15b75c371441ebbef4469b4dfc9bb38c95c867093dff94b838bedf4b809450a0e322af94ba5ec1c39aec142e054a684c
Copy file name to clipboardExpand all lines: README.md
-47Lines changed: 0 additions & 47 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -279,53 +279,6 @@ Make a new release tag, performing a few checks.
279
279
280
280
Usage: `make-tag.py <tag>`.
281
281
282
-
guix-verify
283
-
-----------
284
-
285
-
A script to verify guix deterministic build signatures for a release in one
286
-
glance. It will print a matrix of signer versus build package ("noncodesigned"
287
-
and "all"), and a list of missing keys.
288
-
289
-
To be able to verify PGP signatures, it needs the `gpg` modules. This can be
290
-
installed from pip, for example:
291
-
292
-
```sh
293
-
pip3 install --user gpg
294
-
```
295
-
296
-
(or install the distribution package, in Debian/Ubuntu this is `python3-gpg`).
297
-
298
-
Example usage: `./guix-verify.py -r 24.0 -d ../guix.sigs -k ../bitcoin/contrib/builder-keys/keys.txt`
299
-
300
-
Where
301
-
302
-
-`-r 24.0` specifies the release to verify signatures for.
303
-
-`-d ../gitian.sigs` specifies the directory where the repository with signatures, [gitian.sigs](https://github.com/bitcoin-core/gitian.sigs/) is checked out.
304
-
-`../bitcoin/contrib/builder-keys/keys.txt` is the path to `keys.txt` file inside the main repository that specifies the valid keys and what signers they belong to.
305
-
306
-
Example output:
307
-
```
308
-
Signer noncodesigned all
309
-
0xb10c No Key -
310
-
achow101 OK OK
311
-
benthecarman No Key -
312
-
...
313
-
314
-
Missing keys
315
-
norisg 3A51FF4D536C5B19BE8800A0F2FC9F9465A2995A from GPG, from keys.txt
316
-
...
317
-
```
318
-
319
-
See `--help` for the full list of options and their descriptions.
320
-
321
-
The following statuses can be shown:
322
-
323
-
-`Ok` Full match.
324
-
-`No key` Signer name/key combination not in keys.txt, or key not known to GPG (which one of these it is, or both, will be listed under "Missing keys").
325
-
-`Expired` Known key but it has expired.
326
-
-`Bad` Known key but invalid PGP signature.
327
-
-`Mismatch` Correct PGP signature but mismatching binaries.
0 commit comments