Subject: | Bad SIGNATURE |
XML-XPathScript 1.45 has a bad signature.
0 Windhund-V /usr/local/src/CPAN/XML-XPathScript-1.45$ cpansign -v
Executing gpg --verify --batch --no-tty
--keyserver=hkp://pgp.mit.edu:11371
--keyserver-options=auto-key-retrieve SIGNATURE
gpg: Signature made Mon Aug 7 18:27:38 2006 PDT using DSA key ID E1B00B8C
gpg: Good signature from "Yanick Champoux <yanick@babyl.dyndns.org>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the
owner.
Primary key fingerprint: B844 CAF6 2D99 7203 F225 6C71 DF81 F07F E1B0 0B8C
--- SIGNATURE 2006-08-07 18:27:38.000000000 -0700
+++ - 2006-10-24 22:17:47.000000000 -0700
@@ -39,7 +39,7 @@
SHA1 595ec281b37e412a8ee1368e39931bd318dde100 t/05textnode.t
SHA1 2dbdc5e8ad96687de10598f6c80df5827a51afd6 t/06testcode.t
SHA1 d823831b458ba27743660b4659133c1b3deba496 t/07stylesheetcallbacks.t
-SHA1 3bde9b14f9e541a5e58b2f1a2416f98caed0de30 t/08document.t
+SHA1 082321586d05d5edbf3e38ef82c90fca1fc32d3d t/08document.t
SHA1 05871e12c2e3be75f30e87906f3d82934e7b9699 t/09argencoding.t
SHA1 c773c7fce291e7ce2c2255d7627f456fc775d3e9 t/10comments.t
SHA1 1169e0d4a63ed43244f8a0af6d292c67ff10ea98 t/11new_interface.t
==> MISMATCHED content between SIGNATURE and distribution files! <==
You can avoid this sort of thing in the future with a signature test
(attached).
Subject: | 00signature.t |
#!/usr/bin/perl -w
use Test::More;
if( eval q{use Test::Signature; 1;} ) {
plan tests => 1;
}
else {
plan skip_all => 'Test::Signature required to test SIGNATURE';
}
signature_ok();