cdecl99-1.3 bash-5 hotfix

[homepage.git] / lib / project-readme.rb

diff --git a/lib/project-readme.rb b/lib/project-readme.rb
index 3338e8a436558759a81a129abdc937d1d2142506..079640e28d3b3d196c531781da2642dafcf16c14 100644 (file)
--- a/lib/project-readme.rb
+++ b/lib/project-readme.rb
@@ -1,6 +1,6 @@
 # Nick's web site: Generate a project page from a submodule README.md
 #
-# Copyright © 2021 Nick Bowler
+# Copyright © 2021-2022 Nick Bowler
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -82,21 +82,25 @@ def project_readme(item = @item)
             obtaining += line.lstrip
         end
 
+        gpg_keyid = "5B45D3D185B8E1F6"
         obtaining += "\n\n" + <<~EOF
             [gpg]: https://gnupg.org/
+            [keyring]: /pubring/#{gpg_keyid}.asc
 
             Use the signature file to verify that the corresponding source
             bundle is intact.  After downloading both files, if [GnuPG][gpg]
             is installed, the signature can be verified with a command like:
 
-            <kbd>gpg --verify #{targz}.sig</kbd>
+            <kbd>gpg --verify #{targz}.sig #{targz}</kbd>
 
             If the verification fails because you don't have the required
             public key, that key can be imported with a command such as:
 
-            <kbd>gpg --keyserver keys.gnupg.net --recv-keys 5B45D3D185B8E1F6</kbd>
+            <kbd>gpg --keyserver keys.draconx.ca --recv-keys #{gpg_keyid}</kbd>
 
-            Then run the verify command again.
+            Then run the verify command again.  Alternatively, you can
+            [download the public keyring][keyring] manually and import it
+            using `gpg --import`.
         EOF
     end