All commit signatures invalid?
jelmer at samba.org
Sun Mar 11 18:08:46 UTC 2012
On 03/10/2012 01:54 AM, Ben Finney wrote:
> Howdy all,
> I'm glad to learn of the ‘verify-signatures’ command, new in Bazaar 2.5.
> Less pleasant is that, on a repository where I recently performed ‘bzr
> sign-my-commits’ with the same version of Bazaar, it reports all
> signatures invalid:
> $ bzr verify-signatures
> 0 commits with valid signatures
> 0 commits with key now expired
> 0 commits with unknown keys
> 108 commits not valid
> 3968 commits not signed
> The ‘$HOME/.bzr.log’ doesn't contain any more information about this.
> How can I know why those signatures are being reported as invalid?
IIRC it just looks at the GPGME return values, and I don't think that
currently provides any more data.
Note that there is "bzr verify-signatures -v" but that only lists the
authors and keys, not more GPG details.
More information about the bazaar