X-Git-Url: http://git.draconx.ca/gitweb/homepage.git/blobdiff_plain/b81f2297172befffd519ca2cd9655a9e566d6001..fe387389cf437d11a969d51b5625cd6bc4ddb79f:/lib/project-readme.rb
diff --git a/lib/project-readme.rb b/lib/project-readme.rb
index 3338e8a..ffe3e3f 100644
--- a/lib/project-readme.rb
+++ b/lib/project-readme.rb
@@ -1,6 +1,6 @@
# Nick's web site: Generate a project page from a submodule README.md
#
-# Copyright © 2021 Nick Bowler
+# Copyright © 2021-2022 Nick Bowler
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@ -82,21 +82,25 @@ def project_readme(item = @item)
obtaining += line.lstrip
end
+ gpg_uid = "nbowler@draconx.ca"
obtaining += "\n\n" + <<~EOF
[gpg]: https://gnupg.org/
+ [keyring]: /pubring/#{gpg_uid}.asc
Use the signature file to verify that the corresponding source
bundle is intact. After downloading both files, if [GnuPG][gpg]
is installed, the signature can be verified with a command like:
- gpg --verify #{targz}.sig
+ gpg --verify #{targz}.sig #{targz}
If the verification fails because you don't have the required
public key, that key can be imported with a command such as:
- gpg --keyserver keys.gnupg.net --recv-keys 5B45D3D185B8E1F6
+ gpg --locate-external-keys #{gpg_uid}
- Then run the verify command again.
+ Then run the verify command again. Alternatively, you can
+ [download the public keyring][keyring] manually and import it
+ using `gpg --import`.
EOF
end