X-Git-Url: http://git.draconx.ca/gitweb/homepage.git/blobdiff_plain/79dfd09162d1c4e201eccec188057c0e9ded2260..220aba7ec291f6f8de8982074a3488d28b4aee1f:/lib/project-readme.rb
diff --git a/lib/project-readme.rb b/lib/project-readme.rb
index 7469171..079640e 100644
--- a/lib/project-readme.rb
+++ b/lib/project-readme.rb
@@ -1,6 +1,6 @@
# Nick's web site: Generate a project page from a submodule README.md
#
-# Copyright © 2021 Nick Bowler
+# Copyright © 2021-2022 Nick Bowler
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@ -47,7 +47,7 @@ def project_readme(item = @item)
EOF
else
newsver, news = news.split("\n", 2)
- newsver.sub!(/^.*([[:digit:]][^:]*).*$/, '\1')
+ newsver.sub!(/^.*?([[:digit:]][^:]*).*$/, '\1')
targz = "#{shortname}-#{newsver}.tar.gz"
distbase = "/archive/#{shortname}"
@@ -82,21 +82,25 @@ def project_readme(item = @item)
obtaining += line.lstrip
end
+ gpg_keyid = "5B45D3D185B8E1F6"
obtaining += "\n\n" + <<~EOF
[gpg]: https://gnupg.org/
+ [keyring]: /pubring/#{gpg_keyid}.asc
Use the signature file to verify that the corresponding source
bundle is intact. After downloading both files, if [GnuPG][gpg]
is installed, the signature can be verified with a command like:
- gpg --verify #{targz}.sig
+ gpg --verify #{targz}.sig #{targz}
If the verification fails because you don't have the required
public key, that key can be imported with a command such as:
- gpg --keyserver keys.gnupg.net --recv-keys 5B45D3D185B8E1F6
+ gpg --keyserver keys.draconx.ca --recv-keys #{gpg_keyid}
- Then run the verify command again.
+ Then run the verify command again. Alternatively, you can
+ [download the public keyring][keyring] manually and import it
+ using `gpg --import`.
EOF
end