Age | Commit message (Collapse) | Author | Files | Lines |
|
This command now imports keys, subkeys, and signatures of those keys &
subkeys. This will allow us to actually match developers with their
packages signed by subkeys rather than the primary key.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
This adds a namedtuple so we aren't using magic numbers when processing
our 'edges' (signatures). We also ensure we update any existing
signature objects with their validity if they were later revoked.
Signed-off-by: Dan McGee <dan@archlinux.org>
|
|
This allow importing signatures from a provided gpg keyring, such as
that produced by the generate_keyring management command that already
exists. These will eventually be used for producing stats involving
developer signing keys and their certification by master keys.
Signed-off-by: Dan McGee <dan@archlinux.org>
|