Skip to content

3.0.1 is not signed/ can not be packaged #45

Closed
@dvzrv

Description

@dvzrv

Hi! I'm packaging python-smmap for Arch Linux.
When trying to build 3.0.1 I noticed that there is no detached PGP signature for the tarball on pypi.

As we have established 2CF6E0B51AAF73F09B1C21174D1DA68C88710E60 as a valid signing key (per TOFU), I can not package version 3.0.1, until this is resolved.

Due to a missing USB dongle (?), both gitpython and gitdb now have a broken chain of trust for their PGP signatures as well.
It would be really great to resolve this.

Metadata

Metadata

Assignees

No one assigned

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions