You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The signature on the latest release is signed using an expired certificate.
Verification
$ gpg2 --verify dephpend-0.8.0.phar.asc dephpend-0.8.0.phar
gpg: Signature made Sun May 2 14:09:30 2021 BST
gpg: using RSA key 44CC65DC01D2FC05AD6F3DBD76835C9464877BDD
gpg: issuer "[email protected]"
gpg: Can't check signature: No public key
Checking the cert provided on OpenPGP
$ curl -s "https://keys.openpgp.org/pks/lookup?op=get&options=mr&search=44CC65DC01D2FC05AD6F3DBD76835C9464877BDD" | gpg2
gpg: WARNING: no command supplied. Trying to guess what you mean ...
pub rsa4096 2019-07-14 [SC] [expired: 2020-07-13]
44CC65DC01D2FC05AD6F3DBD76835C9464877BDD
uid Michael Haeuslmann <[email protected]>
sub rsa4096 2019-07-14 [E] [expired: 2020-07-13]
Also shows as an issue installing with Phive
$ phive install dephpend
Phive 0.15.0 - Copyright (C) 2015-2021 by Arne Blankerts, Sebastian Heuer and Contributors
Downloading https://api.github.com/repos/mihaeu/dephpend/releases
Downloading https://github.com/mihaeu/dephpend/releases/download/0.8.0/dephpend-0.8.0.phar
Downloading https://github.com/mihaeu/dephpend/releases/download/0.8.0/dephpend-0.8.0.phar.asc
[ERROR] Signature could not be verified
[ERROR] unknown error code
The signature on the latest release is signed using an expired certificate.
Verification
Checking the cert provided on OpenPGP
Also shows as an issue installing with Phive
Checking the key pulled by phive
The text was updated successfully, but these errors were encountered: