[Changes for 0.88 - Sat Dec 18 11:34:44 CST 2021] * Update PAUSE keys to 2022. (@skaji) [Changes for 0.87 - Sat Jul 4 15:04:41 CST 2020] * Skip 3-verify.t on Crypt::OpenPGP installations. (@pyramation) [Changes for 0.86 - Thu Jun 25 21:06:24 CST 2020] * Update PAUSE and ANDK keys to 2020. (@dweekly) * Update documentation pertaining to SHA1. (@dweekly) * Fix compatibility with Crypt::OpenPGP. (@niklasholm) [Changes for 0.83 - Wed Aug 29 17:33:12 JST 2018] * Update META.yml. [Changes for 0.82 - Sun Aug 26 23:00:04 CST 2018] * Fix CRLF handling on Win32. (@niklasholm) * Default to SHA256 on new hashes as SHA1 is deprecated. (@niklasholm) [Changes for 0.79 - Mon May 18 23:02:11 CST 2015] * Restore "cpansign --skip" functionality. Contributed by: CLOOS [Changes for 0.78 - Thu Apr 9 16:58:27 CST 2015] * Fix verify() use from cpanm and CPAN.pm. Contributed by: ANDK [Changes for 0.77 - Wed Apr 8 19:36:50 CST 2015] * Include the latest public keys of PAUSE, ANDK and AUDREYT. * Clarify scripts/cpansign copyright to CC0. Reported by: @pghmcfc [Changes for 0.76 - Wed Apr 8 18:05:48 CST 2015] * Fix signature tests by defaulting to verify(skip=>1) when $ENV{TEST_SIGNATURE} is true. Reported by: @pghmcfc [Changes for 0.75 - Tue Apr 7 04:56:09 CST 2015] Two more issues reported by John Lightsey: * Update ChangeLog. * More protection of @INC from relative paths. Fix various issues reported by John Lightsey: [Changes for 0.74 - Tue Apr 7 02:39:14 CST 2015] Fix various issues reported by John Lightsey: * Fix GPG signature parsing logic. * MANIFEST.SKIP is no longer consulted unless --skip is given. * Properly use open() modes to avoid injection attacks. [Changes for 0.73 - Wed Jun 5 23:44:57 CST 2013] * Properly redo the previous fix using File::Spec->file_name_is_absolute. [Changes for 0.72 - Wed Jun 5 23:19:02 CST 2013] * Only allow loading Digest::* from absolute paths in @INC, by ensuring they begin with \ or / characters. Contributed by: Florian Weimer (CVE-2013-2145) [Changes for 0.71 - Tue Jun 4 18:24:10 CST 2013] * Constrain the user-specified digest name to /^\w+\d+$/. * Avoid loading Digest::* from relative paths in @INC. Contributed by: Florian Weimer (CVE-2013-2145) [Changes for 0.70 - Thu Nov 29 01:45:54 CST 2012] * Don't check gpg version if gpg does not exist. This avoids unnecessary warnings during installation when gpg executable is not installed. Contributed by: Kenichi Ishigaki [Changes for 0.69 - Fri Nov 2 23:04:19 CST 2012] * Support for gpg under these alternate names: gpg gpg2 gnupg gnupg2 Contributed by: Michael Schwern [Changes for 0.68 - Fri, 13 May 2011 11:51:50 +0200] * Fix breakage introduced by 0.67 (Andreas König). [Changes for 0.67 - Sun, 17 Apr 2011 16:29:23 +0200] * Better handling of \r (Andreas König, Zefram) (Closes RT#46339). [Changes for 0.66 - Fri, 6 Sep 2010 22:51:37 +0200] * Fix incompatibility with EU::Manifest 1.54 to 1.57 (Paul Howarth) (Closes RT#61124). [Changes for 0.65 - Fri, 3 Sep 2010 21:38:02 +0200] * Skip MYMETA (Alexandr Ciornii) [Changes for 0.64 - Sun, 9 May 2010 00:50:11 +0200] * Avoid creating gnupg configuration files for the user invoking Makefile.PL (Closes RT#41978). * Correctly detect the version of gnupg on cygwin and add tests for it (Paul Fenwick) (Closes RT#39258). [Changes for 0.63 - Sun, 28 Mar 2010 04:46:27 +0100] * Fix diagnostic message from Makefile.PL when the user dosn't have gnupg or Crypt::OpenPGP (miyagawa). [Changes for 0.62 - Tue, 23 Mar 2010 22:17:39 +0100] * Change the default keyserver from the outdated pgp.mit.edu to pool.sks-keyservers.net. [Changes for 0.61 - 2009年11月19日 周四 00時56分41秒 CST] * Added "=encoding utf8" to POD to fix author name display. No functional changes. [Changes for 0.60 - 2009年11月16日 周一 22時48分54秒 CST] * LICENSING CHANGE: This compilation and all individual files in it are now under the nullary CC0 1.0 Universal terms: To the extent possible under law, 唐鳳 has waived all copyright and related or neighboring rights to Module-Signature. * Updated Module::Install to 0.91, prompted by Florian Ragwitz. [Changes for 0.55 - 2006-07-29] * ANDK submitted a patch to fix versioning problem when the user elects to install Crypt::OpenPGP. * Major refactoring of the Makefile.PL to ease the installation process. [Changes for 0.54 - 2006-05-12] * Fixed a long-standing bug where differing end-of-line conventions could cause bogus comparisons in signature checks. * Fixed another long-standing bug where CRLF text files were hashed into different digests under Unix and Dosish platforms. Now it's consistently hashed as if it's been normalized to LF. * Optional dependencies are no longer installed-by-default. [Changes for 0.53 - 2006-01-31] * The explicit call to "readline(D)" didn't compile on earlier perls which demanded either "readline(*D)" or "" -- I elected the latter form. Reported by: Matthew Persic * Update my author key to reflect revoked past uids. [Changes for 0.52 - 2006-01-19] * POD and source code cleanup; no functional changes. * Updated my author key to reflect my new name and identity. * Upgrade to the latest Module::Install to fix Cygwin installation problems. Reported by: Lyle Ziegelmiller [Changes for 0.51 - 2006-01-02] * Even more flexible CRLF handling for SIGNATURE files, Contributed by: Andreas Koenig. [Changes for 0.50 - 2005-08-21] * Add support for to SHA-256, requested by Mark Shelor in light of the recent SHA1 attacks. SHA1 is still the default, but you can now override this by settings MODULE_SIGNATURE_CIPHER environment variable to SHA256. [Changes for 0.45 - 2005-08-09] * Andreas Koenig ported out that "Import GPG keys?" was asked far too many times during autoinstall. [Changes for 0.44 - 2004-12-16] * Add "pmfiles.dat" to legacy manifest_skip routine to accomodate early Win32 hacks. Reported by Steve Hay via Michael Schwern. [Changes for 0.43 - 2004-12-16] * Updated t/0-signature.t to be more friendly with Test::More; contributed by Michael Schwern. * Add $Timeout (default 3 seconds) to control the timeout for probing connections to the key server. * Take account of the .ts files produced by newer MakeMakers in the suggested MANIFEST.SKIP list. [Changes for 0.42 - 2004-11-20] * Move under SVK version control management; ditch keyword tags. * Michael Schwern pointed out that during development, the "signature.t" file would keep failing. * Documented how to generate SIGNATURE files as part of "make dist", for Module::Install, ExtUtils::MakeMaker and Module::Build users . [Changes for 0.41 - 2004-07-04] * Mark Shelor points out that support for Digest::SHA was broken. [Changes for 0.40 - 2004-07-01] * Dave Rolsky points out that GPG version detection always returns '1'. (bug #6810) [Changes for 0.39 - 2004-06-17] * Supports Digest::SHA (now preferred) and Digest::SHA1::PurePerl, in addition to the original Digest::SHA1 backend. * We now asks before importing the default keys, also suggested by Tels. * Unknown cipher is made fatal, thanks to suggestion by Tels. * Apply Dave Rolsky's patch to verify that author's pubkey is available on a keyserver. may need more work. [Changes for 0.38 - 2004-01-01] * Update to the newest Module::Install. * Not using inc/SCRIPT/ anymore. * Add "#defaults" and "^blibdirs$" to recommended MANIFEST.SKIP to pacify newer ExtUtil::MakeMaker. * Starting to think about how to make "disttest" + "dist" not signing twice. [Changes for 0.37 - 2003-11-06] * Move bin/cpansign to script/cpansign. * Make cpansign exit upon failure. [Changes for 0.36 - 2003-10-28] * Use sign(1) to autosign ourselves. * Soren A pointed out that hkp:// didn't work with GnuPG. [Changes for 0.25 - 2003-08-28] * Now ships with my pubkey and PAUSE's. * Interactive Makefile.PL, suggested by Jarkko. [Changes for 0.34 - 2003-08-18] * Don't ask user to install Crypt::OpenPGP if she does not have a C compiler anyway. * ExtUtils::Manifest 1.38 does not support good enough skips even for Makefile.PL, sigh. [Changes for 0.33 - 2003-08-12] * William Wentworth-Sheilds points out that META.yml is dynamic, which makes SIGNATURE incorrect for people without either "diff" or "gpg". Fixed. [Changes for 0.32 - 2003-08-11] * Take Schwern's patch to only set _maniskip for legacy EU::Manifest. * Remove ::TieOut since we are not using it anymore. * Reduce noise for untrusted signatures to two lines. [Changes for 0.31 - 2003-08-10] * Scott R. Godin pointed out 0.30 had bad signature. whoops. [Changes for 0.30 - 2003-08-10] * Add JHI to authors. * Patch from Michael Schwern: only let GnuPG display anything if we're handling suspicious keys, not when you have added the signer into the trustdb. * New global config variable, $Verbose. * MODULE_SIGNATURE_VERBOSE, MODULE_SIGNATURE_KEYSERVER and MODULE_SIGNATURE_KEYSERVERPORT env variables are now respected. * Only supply _default_skip if our ExtUtils::MakeMaker is too old. [Changes for 0.29 - 2003-08-08] * Now fails gracefully all the time, including when incapable of connecting to the keyserver. * Also, SHA1 sum is still checked even if the user does not have GnuPg/Crypt::OpenPGP. * Hence, Crypt::OpenPGP is no longer a mandatory prerequisite even for users without gnupg. * "0E0" is now made into a constant, CANNOT_VERIFY. * Do not die() when we absolutely can't verify. * BZAJAC pointed out that we should add .svn to _default_skip. [Changes for 0.28 - 2003-07-29] * Remove Digest.pm dependency. * Don't test for "diff -version" anymore -- not all diffs have -version, thanks again to Alan Burlison. [Changes for 0.27 - 2003-07-28] * More punctuation cleanups in POD. * Michael Schwern pointed out that successful tests shouldn't be noisy. [Changes for 0.26 - 2003-07-17] * New internal function, _verify(), that takes $sigfile as its first argument, eliminating the "local $Module::Signautre::SIGNATURE" approach. * sign() now also takes a skip=> parameter (defaults to true) about whether to respect MANIFEST.SKIP. This needs to be set to 0 to sign blib/ archives. * Officially supporting signing and verification of PAR files, using PAR::Dist. * Let's ignore warnings when performing on exe files [Changes for 0.24 - 2003-07-08] * Preliminary PAR support. [Changes for 0.23 - 2003-07-07] * Ken Williams noted that M::B now works on 5.005. [Changes for 0.22 - 2003-05-15] * Move Signature.pm to lib/Module/Signature.pm. * Switch to the Module::Install framework. * Updates TODO to reflect correspondence with andk. * Matt Southall mentioned that, if somebody has never run gpg before, we need to initialize it once before running test. * Warn about potential 'Makefile' exploit as pointed out by Tels. Document pending. * Bugfix for incorrect 'MALFORMED' response to signatures made from older versions of GnuPG, as reported by Tels. [Changes for 0.18 - 2002-11-04] * Binary files handling on win32 was broken. (Jos Boumans) [Changes for 0.17 - 2002-10-30] * Resolve bug report by Iain Truskett: cpansign -s should not complain manifest mismatch if SIGNATURE is lacking. * Also, bail out gracefully when signing fails, instead of crippling the old SIGNATURE. * MANIFEST.SKIP doc lifted from Test::Signature. * Minor POD fixups. [Changes for 0.16 - 2002-10-28] * Adds AUTHORS file. * Added connectivity probing for testing. * Print a helpful success message after signing. * Don't cripple old SIGNATURE file. * Suggestion from Tels: skip the ambiguous 'optional' probing for Crypt::OpenPGP if gnupg is there. [Changes for 0.15 - 2002-10-17] * Fixed compatibility with old MakeMaker versions, thanks to chromatic. * Fixed "no /dev/tty" bug during smoke testing, as reported by the excellent CPAN Smokers. [Changes for 0.12 - 2002-10-12] * Supports automatic key retrieval, implemented in Crypt::OpenPGP. [Changes for 1.02 - 2002-10-12] * Fixed the default cipher from MD5 back to SHA1. [Changes for 0.10 - 2002-10-12] * Fixed a problem that prevents earlier versions of GnuPG from fetching public keys via --keyserver-option=auto-key-retrieve. [Changes for 0.09 - 2002-10-12] * Documented the package variables so they become part of APIs. * Alternative (non-SHA1) ciphers in SIGNATUREs are now recognized. * Added a new return value, CIPHER_UNKNOWN. * Mention Test::Signature. * Ditch Test::More from the sample script. * Label tests. [Changes for 0.09 - 2002-10-11] * We're no longer alpha status; reflect in README. * Incoporated a suggestion from Tels: undefining the $KeyServer package variable should disable automatic key-fetching. * Include the tests from Iain. * Tels: disable KeyServer fetching if it's undef'ed. [Changes for 0.07 - 2002-10-11] * Fixed our own signatures. [Changes for 0.06 - 2002-10-10] * Use many-arg system() instead of the one-arg form to prevent security breach. * Iain Truskett: fixed export bug so SIGNATURE_OK is properly exported. * Introduced global $KeyServer variable, default at 'pgp.mit.edu'. * Suggestion from Aurthur Bergman: cpansign without arg should DWIM. * Set a default keyserver for cpansign -v. * Use by-name params for functions. sign(override => $bool). [Changes for 0.05 - 2002-08-14] * Typo correction and safety checking. [Changes for 0.04 - 2002-08-14] * Added boilerplate text before SIGNATURE to explain what's it about. * Crypt::OpenPGP signature didn't work. * Add keyword expansion tags.