diff options
author | TobFromme | 2023-02-08 16:06:16 -0500 |
---|---|---|
committer | TobFromme | 2023-02-08 16:06:16 -0500 |
commit | 3f51ceed10d9bd71904533b27d2a9d31823c2bca (patch) | |
tree | d354a4e05e076f6452ccedaa3920257170a033a4 | |
parent | 803404338a60689c9b79c192fdf7603611bde523 (diff) | |
download | aur-3f51ceed10d9bd71904533b27d2a9d31823c2bca.tar.gz |
Add gpg function, which automatically prompts the user to import the key, if it is not found
-rw-r--r-- | .SRCINFO | 9 | ||||
-rw-r--r-- | PKGBUILD | 38 |
2 files changed, 24 insertions, 23 deletions
@@ -1,7 +1,7 @@ pkgbase = spotify pkgdesc = A proprietary music streaming service pkgver = 1.1.84.716 - pkgrel = 9 + pkgrel = 10 epoch = 1 url = https://www.spotify.com arch = x86_64 @@ -15,6 +15,7 @@ pkgbase = spotify depends = at-spi2-atk depends = libcurl-gnutls depends = libsm + depends = gnupg optdepends = ffmpeg4.4: Adds support for playback of local files optdepends = zenity: Adds support for importing local files optdepends = libnotify: Desktop notifications @@ -22,9 +23,9 @@ pkgbase = spotify source = spotify.protocol source = LICENSE source = spotify-1.1.84.716-gc5f8b819-2-x86_64.deb::http://repository.spotify.com/pool/non-free/s/spotify-client/spotify-client_1.1.84.716.gc5f8b819-2_amd64.deb - source = spotify-1.1.84.716-9-Release::http://repository.spotify.com/dists/testing/Release - source = spotify-1.1.84.716-9-Release.sig::http://repository.spotify.com/dists/testing/Release.gpg - source = spotify-1.1.84.716-9-x86_64-Packages::http://repository.spotify.com/dists/testing/non-free/binary-amd64/Packages + source = spotify-1.1.84.716-10-Release::http://repository.spotify.com/dists/testing/Release + source = spotify-1.1.84.716-10-Release.sig::http://repository.spotify.com/dists/testing/Release.gpg + source = spotify-1.1.84.716-10-x86_64-Packages::http://repository.spotify.com/dists/testing/non-free/binary-amd64/Packages validpgpkeys = F9A211976ED662F00E59361E5E3C45D7B312C643 validpgpkeys = E27409F51D1B66337F2D2F417A3A762FAFD4A51F sha512sums = 999abe46766a4101e27477f5c9f69394a4bb5c097e2e048ec2c6cb93dfa1743eb436bde3768af6ba1b90eaac78ea8589d82e621f9cbe7d9ab3f41acee6e8ca20 @@ -1,5 +1,5 @@ -# Maintainer: Ashley Whetter <(firstname) @ awhetter.co.uk> -# Co-Maintainer: NicoHood <archlinux {cat} nicohood {dog} de> +# Maintainer: NicoHood <archlinux {cat} nicohood {dog} de> +# Co-Maintainer: TobFromme < TobFromme {hat} pm {dont} me > # PGP ID: 97312D5EB9D7AE7D0BD4307351DAE9B7C1AE9161 # Contributor: Eothred <yngve.levinsen@gmail.com> @@ -7,12 +7,12 @@ pkgname=spotify pkgver=1.1.84.716 epoch=1 _commit=gc5f8b819-2 -pkgrel=9 +pkgrel=10 pkgdesc='A proprietary music streaming service' arch=('x86_64') license=('custom') url='https://www.spotify.com' -depends=('alsa-lib>=1.0.14' 'gtk3' 'libxss' 'desktop-file-utils' 'openssl' 'nss' 'at-spi2-atk' 'libcurl-gnutls' 'libsm') +depends=('alsa-lib>=1.0.14' 'gtk3' 'libxss' 'desktop-file-utils' 'openssl' 'nss' 'at-spi2-atk' 'libcurl-gnutls' 'libsm' 'gnupg') optdepends=('ffmpeg4.4: Adds support for playback of local files' 'zenity: Adds support for importing local files' 'libnotify: Desktop notifications') @@ -24,13 +24,14 @@ options=('!strip') # http://repository.spotify.com/dists/testing/Release # http://repository.spotify.com/dists/testing/non-free/binary-amd64/Packages # http://repository.spotify.com/dists/testing/Release.gpg + source=('spotify.protocol' 'LICENSE' - "${pkgname}-${pkgver}-${_commit}-x86_64.deb::http://repository.spotify.com/pool/non-free/s/spotify-client/spotify-client_${pkgver}.${_commit}_amd64.deb" + "${pkgname}-${pkgver}-${_commit}-${CARCH}.deb::http://repository.spotify.com/pool/non-free/s/spotify-client/spotify-client_${pkgver}.${_commit}_amd64.deb" # GPG signature check "${pkgname}-${pkgver}-${pkgrel}-Release::http://repository.spotify.com/dists/testing/Release" "${pkgname}-${pkgver}-${pkgrel}-Release.sig::http://repository.spotify.com/dists/testing/Release.gpg" - "${pkgname}-${pkgver}-${pkgrel}-x86_64-Packages::http://repository.spotify.com/dists/testing/non-free/binary-amd64/Packages") + "${pkgname}-${pkgver}-${pkgrel}-${CARCH}-Packages::http://repository.spotify.com/dists/testing/non-free/binary-amd64/Packages") sha512sums=('999abe46766a4101e27477f5c9f69394a4bb5c097e2e048ec2c6cb93dfa1743eb436bde3768af6ba1b90eaac78ea8589d82e621f9cbe7d9ab3f41acee6e8ca20' '2e16f7c7b09e9ecefaa11ab38eb7a792c62ae6f33d95ab1ff46d68995316324d8c5287b0d9ce142d1cf15158e61f594e930260abb8155467af8bc25779960615' '9ba6c2d155f683b9a38222d58a2a53a2a5f4b422ed1c0d603af87919ba8a68309aea3354278fd1d5d8142a1568d93b7e83b14c041e749b0c39f3bc155a633ef8' @@ -38,32 +39,31 @@ sha512sums=('999abe46766a4101e27477f5c9f69394a4bb5c097e2e048ec2c6cb93dfa1743eb43 'SKIP' 'b0ab27105fb6b51768b6831ec11d836ac30885ff4f7fc50dcdbf8888366656a8e7a3a777a969f9de50e42a4af80155b36f9f46c468216d44026a2aecb772a257') -# Import key with: -# curl -sS https://download.spotify.com/debian/pubkey_7A3A762FAFD4A51.gpg | gpg --import - +# Import current GPG key, if it is not already +if [[ ! $(gpg -k E27409F51D1B66337F2D2F417A3A762FAFD4A51F 2>/dev/null) ]]; then + curl -sS https://download.spotify.com/debian/pubkey_7A3A762FAFD4A51F.gpg | gpg --import -i - +fi validpgpkeys=('F9A211976ED662F00E59361E5E3C45D7B312C643' 'E27409F51D1B66337F2D2F417A3A762FAFD4A51F') # Spotify Public Repository Signing Key <tux@spotify.com> + # Old Keys: # 8FD3D9A8D3800305A9FFF259D1742AD60D811D58 # 931FF8E79F0876134EDDBDCCA87FF9DF48BF1C90 # 2EBF997C15BDA244B6EBF5D84773BD5E130D1D45 prepare() { - echo -e "\nINSTALLATION NOTE:\n" - echo -e "If installation fails with 'One or more PGP signatures could not be verified', then install the key with:\n" - echo -e " curl -sS https://download.spotify.com/debian/pubkey_7A3A762FAFD4A51F.gpg | gpg --import -\n" - echo -e "Then retry the installation.\n" - # Validate hashes from the PGP signed "Release" file - echo "$(grep non-free/binary-amd64/Packages ${pkgname}-${pkgver}-${pkgrel}-Release | tail -n 2 | head -n 1 | awk '{print $1}') ${pkgname}-${pkgver}-${pkgrel}-x86_64-Packages" \ - > "${pkgname}-${pkgver}-x86_64-Packages.sha256" - sha256sum -c "${pkgname}-${pkgver}-x86_64-Packages.sha256" + echo "$(grep non-free/binary-amd64/Packages ${pkgname}-${pkgver}-${pkgrel}-Release | tail -n 2 | head -n 1 | awk '{print $1}') ${pkgname}-${pkgver}-${pkgrel}-${CARCH}-Packages" \ + > "${pkgname}-${pkgver}-${CARCH}-Packages.sha256" + sha256sum -c "${pkgname}-${pkgver}-${CARCH}-Packages.sha256" - echo "$(grep SHA512 ${pkgname}-${pkgver}-${pkgrel}-x86_64-Packages | head -n 1 | awk '{print $2}') ${pkgname}-${pkgver}-${_commit}-x86_64.deb" \ - > "${pkgname}-${pkgver}-x86_64.deb.sha512" - sha512sum -c "${pkgname}-${pkgver}-x86_64.deb.sha512" + echo "$(grep SHA512 ${pkgname}-${pkgver}-${pkgrel}-${CARCH}-Packages | head -n 1 | awk '{print $2}') ${pkgname}-${pkgver}-${_commit}-${CARCH}.deb" \ + > "${pkgname}-${pkgver}-${CARCH}.deb.sha512" + sha512sum -c "${pkgname}-${pkgver}-${CARCH}.deb.sha512" } package() { + cd "${srcdir}" tar -xzf data.tar.gz --no-same-owner -C "${pkgdir}" |