https://bugzilla.redhat.com/show_bug.cgi?id=2379742 wojnilowicz <lukasz.wojnilowicz@xxxxxxxxx> changed: What |Removed |Added ---------------------------------------------------------------------------- Flags|fedora-review? |fedora-review+ --- Comment #6 from wojnilowicz <lukasz.wojnilowicz@xxxxxxxxx> --- (In reply to Ben Beasley from comment #5) > (In reply to wojnilowicz from comment #4) > > No problem. I cannot approve it though due to an issue with gpg. Details > > below. Could you clarify? > > > > > > [!]: Sources are verified with gpgverify first in %prep if upstream > > publishes signatures. > > Note: gpgverify is not used. > > > > You missed to verify the signature? Upstream uses gpg. > > As far as I can tell, upstream just signs commits, e.g. > https://github.com/fastapilabs/fastapi-cloud-cli/commit/ > b963a0767f403e8b7c03ab1fad03a224b59c7bd3 for the 0.1.5 release. You're right, and they don't publish signatures. The package is APPROVED then. Sorry for the delay. -- You are receiving this mail because: You are on the CC list for the bug. You are always notified about changes to this product and component https://bugzilla.redhat.com/show_bug.cgi?id=2379742 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-spam&short_desc=Report%20of%20Bug%202379742%23c6 -- _______________________________________________ package-review mailing list -- package-review@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-review-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-review@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
