Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Packagers: PGP signing key changes for Breathe >= v4.23.0 #591

Closed
vermeeren opened this issue Oct 20, 2020 · 7 comments
Closed

Packagers: PGP signing key changes for Breathe >= v4.23.0 #591

vermeeren opened this issue Oct 20, 2020 · 7 comments
Assignees
@vermeeren
Labels
packaging Requirements, setup.py, etc

Comments

@vermeeren
Copy link
Collaborator 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

The PGP key that was used for Breathe < v4.23.0 is:
pub   rsa4096/9EF1DC92B5F301BD 2015-08-09 Melvin Vermeeren <mail@mel.vin>
 Primary key fingerprint: 79DC 0FAF 18C3 1807 E82E  1A6B 9EF1 DC92 B5F3 01BD

The PGP key that will be used for Breathe >= v4.23.0 is:
pub   rsa4096/A72F627716EA9D96 2019-09-26 Melvin Vermeeren (vermware) <vermeeren@vermwa.re>
 Primary key fingerprint: 8AED 5802 1FEA CDD5 F27B  A0E6 A72F 6277 16EA 9D96

Public key itself can be found on the usual keyservers.
I submit them manually to https://keys.openpgp.org/ and the SKS pool.

Maintainership will continue without any changes.
This message is signed by the old key.
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEETnzUjuV5O+rCrz6nRiwQnTrHuFkFAl+PAfIACgkQRiwQnTrH
uFnQWhAAo/1yw9QYbrCZLfVLZAadgUsslRsA0RDK8Gcv52wz0Ix4zNTF7jwc4Ewr
gQI0u0Hn4Gezdphtxji/EhJT5b6UipTyvyPNh3LRpa3BI6md4z9yKg/9OB23EH8r
xTTUA5424bi2rIpcD/NMbDJHWaCTKuXa3Dt1r3k+bP/7+rORyu2DqiSxvE3j4YwV
O9HkvQwvuY7pjbRyh7zDmv1rT12AuHzUcnkNBvezFex7a60Z3Yc1QdeZI21+lus9
ph7w9AeKhk2She2auWdAK9OiopLjdCEACBV1WqHlh/bITi02lddO5Av/W6dbrjnV
6vsFe5rE3G6axN6om9rfzDf5ycjtNVm6JcCtgwfgwCMSfhna042m6sO5unePp3kp
IjLlCyv0/9GQETscRjoJI1PYeksTIkVZq0Zzry9Kfsr13d7YQn71C8q+X7l+wFd/
9qn0iEfoFlmoUk7zMDMIhp1Unahe5Y9WjKIqCoLQC2TB8BPFsmn0EQB0/Hp6N8HU
fD3LTBBmSG1xrwiWMj8hRhhQxoBwf83ZU0B/z/zQlMil4jrGfYbgenm5ZavkVQyp
mQAsrIKDbbWPsNI+/5tWIPByPB00JifwEIuAoNnFOEYo9sQEYAvZZiqcHVP6bbfN
H2uTDpzScyalzo9+qQuzYZczMQlkeHdd/qtZe+mePqH+tnIMNzg=
=2iZy
-----END PGP SIGNATURE-----
@vermeeren vermeeren self-assigned this Oct 20, 2020
@vermeeren vermeeren pinned this issue Oct 20, 2020
archlinux-github pushed a commit to archlinux/svntogit-community that referenced this issue Oct 21, 2020
upgpkg: python-breathe 4.23.0-1
9185572 
The PGP key used by the upstream developer changed
for versions >= 4.23.0[1][2].

[1] breathe-doc/breathe@f83ad98
[2] breathe-doc/breathe#591


git-svn-id: file:///srv/repos/svn-community/svn@728106 9fca08f4-af9d-4005-b8df-a31f2cc04f65
archlinux-github pushed a commit to archlinux/svntogit-community that referenced this issue Oct 21, 2020
upgpkg: python-breathe 4.23.0-1
0832be6 
The PGP key used by the upstream developer changed
for versions >= 4.23.0[1][2].

[1] breathe-doc/breathe@f83ad98
[2] breathe-doc/breathe#591

git-svn-id: file:///srv/repos/svn-community/svn@728106 9fca08f4-af9d-4005-b8df-a31f2cc04f65
@vermeeren vermeeren added the packaging Requirements, setup.py, etc label Nov 15, 2020
@michaeljones
Copy link
Collaborator

@vermeeren - to check, the deploy key email I've just had is from you?

@vermeeren
Copy link
Collaborator Author

vermeeren commented Nov 15, 2020
edited
Loading

@michaeljones Yeah. To check more, the SHA512 of the deploy key itself, including ssh-rsa and comment at the end is, is 91b23af945b12f1cde4b89fc6bdfbe62232681e4a835a0382ad1373b52bfb5bb434220a165b12f5a033d564f4e0efb9e1d98d095ae34c65358d4b041ce7ccd40.

@michaeljones
Copy link
Collaborator

Thanks for the extra validation. All makes me a little nervous though :)

I'm afraid it errors saying "Key is already in use." Perhaps you've already got it for another project? Only a guess though. I don't know what the actual restrictions are.

@vermeeren
Copy link
Collaborator Author

@michaeljones Added the key to my personal GitHub account earlier to make sure things are set up properly. Indeed that would cause conflict, I just removed it. Can you try again?

@michaeljones
Copy link
Collaborator

Done!

@vermeeren
Copy link
Collaborator Author

@michaeljones Confirmed it works nicely over here, thanks again!

@vermeeren vermeeren unpinned this issue Mar 29, 2021
@vermeeren
Copy link
Collaborator Author

Commit 8004da9 removes the notice from the README as it's been up for approx half a year, so I also consider it time to unpin this issue and close it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@vermeeren vermeeren

Labels
packaging Requirements, setup.py, etc
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@michaeljones @vermeeren