Check commit signature and if it fails, check if any signed tags
associated with commit exist from a keyring that can be found only
locally.
For: https://github.com/ben-grande/qusal/issues/105
Skipping the Git system configuration on Whonix weakens the state as it
starts depending on the dotfiles, but it is the only way to not break
system updates due to Whonix security-misc package owning the same file.
Fix: https://github.com/ben-grande/qusal/issues/101
If the commit of the spec file is not done separate from formula files
or at last, the check fails. I was skipping it locally but best to
comment out as it is not being used.
Echo can interpret operand as an option and checking every variable to
be echoed is troublesome while with printf, if the format specifier is
present before the operand, printing as string can be enforced.
The feature is more reliable than the whonix-updatevm tag as the tag can
be deleted for other Whonix tags to take effect to target different
gateways, which is the case for the Bitcoin formula.
- libgtk4-1 is not used by Signal and now it declares the libgtk3-0
as a dependency;
- Zenity is not needed as a file manager once Thunar is used;
- ATK is installed for Signal but not for any apps, remove until there
is a shared formula or pillar to install accessibility tools; and
- Ayatana AppIndicator for tray widget. Signal tray widget is buggy,
sometimes quitting doesn't quit and there is no configuration option
to start the tray, only command-line option. Because of these reasons,
not enabling the tray bar was chosen.
As NFTables converts domain names to IPs on the first query, it is not
possible to depend on it to have a stable connection. Implementing a DNS
proxy configuration might still be difficult due to the use of CDNs.
Selecting the output and input device in the AudioVM using a GUI audio
manager such as Pavucontrol or Easyeffects to the connected USB device
is enough to make audio work. USB audio devices should not be connected
to audio clients.
- Find PGP keys using the same methods as other scripts;
- Lower threshold to 30 days by default;
- Add environment variable to set threshold;
- Add colors to distinguish expired from expires soon; and
- Add days until key expiration when it is below threshold.
Make shell a little bit safer with:
- add-default-case
- check-extra-masked-returns
- check-set-e-suppressed
- quote-safe-variables
- check-unassigned-uppercase
Although there are some stylistic decisions for uniformity:
- avoid-nullary-conditions
- deprecated-which
- require-variable-braces