_gnupg.py is used by release.py and by advisory.py (the confidential pre-notification script).
I'm getting an error from it:
$ python2 tools/dist/release.py check-sigs --target=wc-of-dist 1.9.6
INFO:root:Checking 3 sig(s) in ./subversion-1.9.6.tar.bz2.asc
Exception in thread Thread-3:
Traceback (most recent call last):
File "/usr/lib/python2.7/threading.py", line 801, in __bootstrap_inner
File "/usr/lib/python2.7/threading.py", line 754, in run
File "/home/daniel/in/svn/t1/tools/dist/security/_gnupg.py", line 770, in _read_response
File "/home/daniel/in/svn/t1/tools/dist/security/_gnupg.py", line 292, in handle_status
raise ValueError("Unknown status message: %r" % key)
ValueError: Unknown status message: u'KEY_CONSIDERED'
BAD SIGNATURE for ./subversion-1.9.6.tar.bz2.asc
That error is from tools/dist/security/_gnupg.py. The error disappears when
I install that module via my OS packages, so I assume we should update our
import. How do we do that? I couldn't find any instructions, and the top
comments don't identify the homepage, so I'm not sure where the *canonical*
upstream is. (As opposed to possible forks)
P.S. Incidentally, my OS packages also report that the module depends on the
deprecated gpg1 packages, so in the long term either the module will convert
to gpg2 or we'll have to switch to another module....
Received on 2017-07-02 06:36:21 CEST