diff options
author | mrxx | 2018-01-04 01:09:42 +0100 |
---|---|---|
committer | mrxx | 2018-01-04 01:09:42 +0100 |
commit | 7f5b591ae5e8c9b9f36fe4fd265b44c2f5950d4f (patch) | |
tree | 8120b9c48df68d34231a4ea54a5b9a6da7736f59 /PKGBUILD | |
parent | 1a16ba115623936f3b50e54331819fdc9e726138 (diff) | |
download | aur-7f5b591ae5e8c9b9f36fe4fd265b44c2f5950d4f.tar.gz |
Pinned electron versions; made gpg signature check more verbose
Diffstat (limited to 'PKGBUILD')
-rw-r--r-- | PKGBUILD | 22 |
1 files changed, 14 insertions, 8 deletions
@@ -3,33 +3,39 @@ pkgname=signal-desktop pkgver=1.1.0 -pkgrel=4 +pkgrel=5 pkgdesc='Private messaging from your desktop' _basename=Signal-Desktop license=('GPL3') arch=('any') url='https://github.com/WhisperSystems/Signal-Desktop' +_gpg_keys=https://api.github.com/users/scottnonnenberg/gpg_keys conflicts=('signal' 'signal-desktop-bin' 'signal-desktop-beta') depends=('alsa-lib' 'fontconfig' 'gconf' 'gtk2' 'libnotify' 'libxtst' 'libxss' 'nss') optdepends=('gnome-shell-extension-topicons-plus') makedepends=('git' 'npm' 'python2' 'yarn') install=signal-desktop.install -source=("git+${url}.git#tag=v${pkgver}" 'https://api.github.com/users/scottnonnenberg/gpg_keys' 'signal-desktop.desktop' 'signal-desktop' 'signal-desktop.install') +source=("git+${url}.git#tag=v${pkgver}" "$_gpg_keys" 'signal-desktop.desktop' 'signal-desktop' 'signal-desktop.install') sha256sums=('SKIP' 'SKIP' - 'e99f7af8a3dbb631485bc513b82d44bfe0826cf8a29868f601e285fd4bf48a42' - '1b9696ea39c69d31bffcb4c3d7d3faa2e0439b1ee8e5ecc6a4a123692dfeba1f' + '2287a32ed2ad8772fab02b7ec3bda185c6e85263f7b6b62595b66535ba8687b0' + '0ee7733814827a92fae89df751d4d4e5e0ee28e2a59457b224ec50b7aec31a3a' '91e6ab7a997a94326348183cd8de1c8eb07161ef533d357690d297b1a5f15c79') -build() { +prepare() { msg2 "Verifying gpg signature..." + [ ! -s ${srcdir}/gpg_keys ] && (msg2 "Unable to verify the gpg signature as the developer's keys file was not downloaded properly from $_gpg_keys" && exit 1) cd ${_basename} _key_id=$(/bin/git verify-tag v${pkgver} 2>&1|/bin/grep using|awk '{print $NF}') - echo " Signed by: $_key_id" - /bin/grep "\"key_id\": \"$_key_id\"" ${srcdir}/gpg_keys && msg2 "Signature OK" || (msg2 "No valid developer signature found" && exit 1) + [ -z "$_key_id" ] && (msg2 "Git source NOT trusted: it has no gpg signature at all" && exit 1) + echo " Signing key: $_key_id" + /bin/grep "\"key_id\":.*\"$_key_id\"" ${srcdir}/gpg_keys || (msg2 "Git source NOT trusted: gpg signature is from an unknown third party" && exit 1) + msg2 "Signature OK" +} +build() { cd ${srcdir}/${_basename} - sed -i 's/19.29.2/19.47.0/' package.json + sed -i -re 's/("electron":)(.*)/\1 "~1.7.10",/;s/("electron-builder":)(.*)/\1 "~19.52.1",/;s/("electron-updater":)(.*)/\1 "~2.18.2",/' package.json yarn install yarn pack-prod } |