No Public Key on Signature file #32
Description
The release file ProjectCenter-0.7.0.tar.gz.sig doesn't appear to be signed correctly and causes issues with AUR build process.
Here is the output of gpg --verify:
gpg --verify ProjectCenter-0.7.0.tar.gz.sig
gpg: assuming signed data in 'ProjectCenter-0.7.0.tar.gz'
gpg: Signature made Fri 03 Feb 2023 06:00:33 AM EST
gpg: using DSA key BA075B9FA4C0EA04C96F9FD25023D366016912D0
gpg: Can't check signature: No public key
compare to gnustep-gui's signature which is correctly signed:
$ gpg --verify gnustep-gui-0.30.0.tar.gz.sig
gpg: assuming signed data in 'gnustep-gui-0.30.0.tar.gz'
gpg: Signature made Thu Dec 29 04:10:15 2022 EST
gpg: using DSA key 83AAE47CE829A4146EF83420CA868D4C99149679
gpg: issuer "gnustep-maintainer@gnu.org"
gpg: Good signature from "GNUstep Maintainer <gnustep-maintainer@gnu.org>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 83AA E47C E829 A414 6EF8 3420 CA86 8D4C 9914 9679