diff options
-rw-r--r-- | parabola_repolint/linter_checks/package_signature.py | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/parabola_repolint/linter_checks/package_signature.py b/parabola_repolint/linter_checks/package_signature.py index 7c62adc..3ad6aae 100644 --- a/parabola_repolint/linter_checks/package_signature.py +++ b/parabola_repolint/linter_checks/package_signature.py @@ -153,6 +153,10 @@ class PkgFileInvalidSignature(LinterCheckBase): raise LinterIssue('%s: signing key expired (%s)', package, verify['key_id']) if not verify['valid']: - # if this is triggered, add more cases here. - logging.warning('%s: unknown gpg invalidity: %s', package, verify) - raise LinterIssue('%s: invalid signature', package) + if verify['key_status'] == 'signing key has expired' and verify['status'] == 'signature valid': + # host keyring is out of date, not an issue per se + pass + else: + # catchall rule in case something is missing above + logging.warning('%s: unknown gpg invalidity: %s', package, verify) + raise LinterIssue('%s: invalid signature', package) |