Result:
found 581 distributions and 1482 files matching your query !
( run in 2.047 )
App-BS
view release on metacpan or search on metacpan
check_bin('pacsift');
check_bin('arch-rebuild-order');
check_bin('expac');
check_bin('makechrootpkg');
check_bin('makepkg');
check_bin('gpg');
my %args = (
license => 'perl_5',
dynamic_config => 0,
App-Bootstrap-Perl
view release on metacpan or search on metacpan
bin/bootstrap-perl view on Meta::CPAN
'ftp' => q[/usr/bin/ftp],
'patch' => q[/usr/bin/patch],
'ftp_passive' => q[1],
'ftp_proxy' => q[],
'getcwd' => q[cwd],
'gpg' => q[/usr/bin/gpg],
'gzip' => q[/bin/gzip],
'halt_on_failure' => q[0],
'histfile' => q[__PREFIXBASE__/cpan/histfile],
'histsize' => q[100],
'http_proxy' => q[],
App-CPANtoRPM
view release on metacpan or search on metacpan
lib/App/CPANtoRPM.pm view on Meta::CPAN
'disttag' => '%{?dist}',
'env' => {},
'epoch' => '',
'extracted' => '',
'file_path' => '',
'gpg_name' => '',
'gpg_passfile' => '',
'gpg_passwd' => '',
'gpg_path' => '',
'group' => 'Development/Libraries',
'inst_base' => '',
'inst_type' => '',
'install' => '',
'macros' => 0,
lib/App/CPANtoRPM.pm view on Meta::CPAN
is installed.
-y/--yum DIR : Copy the RPM to a local yum repository
Misc. options:
--gpg-path PATH : The path to the GPG directory containing
the keyring.
--gpg-name NAME : The name of the user who's key should be
used to sign the package.
--gpg-passwd PASSWORD
: The passphrase for the GPG key.
--gpg-passfile FILE
: A file containing the passphrase for the GPG key.
--env VAR=VAL : Sets an environment variable before building
the package. This option can be used any number
of times.
lib/App/CPANtoRPM.pm view on Meta::CPAN
$_ eq '--install-base');
$$self{'mandir'} = shift(@a), next if ($_ eq '--mandir');
$$self{'no_clean'} = 1, next if ($_ eq '--no-clean');
$$self{'sign'} = 1, next if ($_ eq '-s' ||
$_ eq '--sign');
$$self{'gpg_path'} = shift(@a), next if ($_ eq '--gpg-path');
$$self{'gpg_name'} = shift(@a), next if ($_ eq '--gpg-name');
$$self{'gpg_passwd'} = shift(@a), next if ($_ eq '--gpg-passwd');
$$self{'gpg_passfile'} = shift(@a), next if ($_ eq '--gpg-passfile');
$$self{'install'} = 'upg', next if ($_ eq '-I' ||
$_ eq '--install');
$$self{'install'} = 'new', next if ($_ eq '--install-new');
$$self{'install'} = 'force', next if ($_ eq '--install-force');
$$self{'yum'} = shift(@a), next if ($_ eq '-y' ||
lib/App/CPANtoRPM.pm view on Meta::CPAN
sub _sign_rpm {
my($self) = @_;
$self->_log_message('HEAD',"Signing RPM: $package{name}");
my $gpg = $self->_find_exe('gpg');
if (! $gpg) {
$self->_log_message('ERR',"gpg program not found in path.");
}
#
# First, let's get the value of the GPG path
#
my $path = ''; # The gpg option to set the path to use (if not the default)
my $macro = ''; # The value of the rpm macro.
$macro = `rpm --eval '%_gpg_path'`;
chomp($macro);
$macro = '' if ($macro eq '%_gpg_path');
if ($$self{'gpg_path'}) {
if (! -d $$self{'gpg_path'}) {
$self->_log_message('ERR',
"GPG directory does not exist: $$self{gpg_path}");
}
if ($macro) {
if ($$self{'gpg_path'} ne $macro) {
# We're overriding a value set in the rpm macro file.
$self->_log_message('WARN',
'--gpg-path option overriding value in RPM macro file',
" --gpg-path = $$self{gpg_path}",
" \%_gpg_path = $macro");
$path = "--homedir $$self{'gpg_path'}";
# We have to add it to the macros file. We'll just tack
# it on the end since this will effectively override the
# value there.
my $macros = "$ENV{HOME}/.rpmmacros";
$$self->_add_macro($macros,'%_gpg_path',$$self{'gpg_path'});
}
}
} elsif ($macro) {
lib/App/CPANtoRPM.pm view on Meta::CPAN
#
# Next, let's get the value of the GPG user.
#
my $name = ''; # The gpg option to set the user to use.
$macro = ''; # The value of the rpm macro.
$macro = `rpm --eval '%_gpg_name'`;
chomp($macro);
$macro = '' if ($macro eq '%_gpg_name');
if ($$self{'gpg_name'}) {
if ($macro) {
if ($$self{'gpg_name'} ne $macro) {
# We're overriding a value set in the rpm macro file.
$self->_log_message('WARN',
'--gpg-name option overriding value in RPM macro file',
" --gpg-name = $$self{gpg_name}",
" \%_gpg_name = $macro");
$name = "'$$self{'gpg_name'}'";
# We have to add it to the macros file. We'll just tack
# it on the end since this will effectively override the
# value there.
my $macros = "$ENV{HOME}/.rpmmacros";
$$self->_add_macro($macros,'%_gpg_name',$$self{'gpg_name'});
}
}
}
$name = "'$macro'" if ($macro && ! $name);
lib/App/CPANtoRPM.pm view on Meta::CPAN
#
# Now let's make sure that we actually have exactly one key.
#
my @out = `$gpg $path --list-keys $name | grep '^uid'`;
if (! @out) {
$self->_log_message('ERR',
'No keys found in this GPG keyring.',
'Use --gpg-path to specify an alternate GPG path',
'or create a key in this keyring.');
}
if (@out != 1) {
$self->_log_message('ERR',
'Multiple keys found in this keyring',
'Use --gpg-user to specify a single user.');
}
#
# Sign it.
#
SIGN:
{
if ($$self{'gpg_passwd'} || $$self{'gpg_passfile'}) {
my $err = $self->_load_module("Expect");
if (! $err) {
$err = $self->_sign_perlexpect();
if ($err) {
lib/App/CPANtoRPM.pm view on Meta::CPAN
my($self,$expect) = @_;
$self->_log_message('INFO',"Signing with non-interactive expect script");
my $pass;
if ($$self{'gpg_passwd'}) {
$pass = $$self{'gpg_passwd'};
} else {
$pass = `cat $$self{'gpg_passfile'}`;
chomp($pass);
}
my $out = new IO::File;
my $file = "$TMPDIR/cpantorpm-expect-sign-wrapper";
lib/App/CPANtoRPM.pm view on Meta::CPAN
sub _sign_perlexpect {
my($self) = @_;
$self->_log_message('INFO',"Signing with non-interactive perl Expect script");
my $pass;
if ($$self{'gpg_passwd'}) {
$pass = $$self{'gpg_passwd'};
} else {
$pass = `cat $$self{'gpg_passfile'}`;
chomp($pass);
}
my $exp = Expect->spawn('rpm','--addsign',
$package{rpmfile},$package{srpmfile});
App-CamelPKI
view release on metacpan or search on metacpan
t/lib/App/CamelPKI/Test.pm view on Meta::CPAN
0UmrdcuZwRuHwxXTndQ57sA+QXKy4+S2kk64Ff2YoGCsE34L6UazfT5skt/iS7ct
GHcqKUiR5LGb7b7vZexJ++X7rOGUZVO52NYxQUPVPr4blSbMl8tMHmDez94rUg1X
aJ6+6+uY8lcebr65LCSA/N09qLxAFoi5gku1wS4GQECvsQvA7/GYAp+3O4ytULrE
Cqf5Wx9PBweKkB1h4BLzsKUFCXUgm74dlvs8GtBPTKd58CEeLO2pAbKJhBciUF37
Wuw28zVKX8WaC789HyrTJx8n+hSwaZAqHFiv9TFUF8XwG+Cp9FwRof81V1jbfWWe
AUD+R41bDR8tMmblaSd9GLYWKzeAdk7D1u6dF9RCQu4Tg1hjAKQxCgpg221n3VbE
btAaVBQuTHRrjo7jtwz5sjM3jC9SEhK0I/eP8QOUPut9O+jmP3/k28cBgIAY3RHf
JGpgZSGMB2zzYmYbLOtrbrh5Z9nNhCOhLBQGuRMe+/lO8/Jo4BrC/rYUkV3zkS3d
mwIm/AHPy7+ZLpz3F+zTmSiWOP7oB44hzJTAy/7RbW0RwO4ry4lLRPcbxQ77epjz
vX/Kwjl44H6jnO0zjXutBg/5+3lDxuMxZzcVfCOqF4KENA3vBynJCA==
-----END RSA PRIVATE KEY-----
App-Chart
view release on metacpan or search on metacpan
xtools/my-kwalitee.sh view on Meta::CPAN
if test -z "$DISTVNAME"; then
echo "DISTVNAME not found"
exit 1
fi
if [ -e ~/bin/my-gpg-agent-daemon ]; then
eval `my-gpg-agent-daemon`
echo "gpg-agent $GPG_AGENT_INFO"
fi
TGZ="$DISTVNAME.tar.gz"
make "$TGZ"
App-Cheats
view release on metacpan or search on metacpan
#############################################################
## Linux Commands - apt-key
#############################################################
# Add the key of a package site to allow installing from other sources
wget -q http://opensource.wandisco.com/wandisco-debian.gpg -O- | sudo apt-key add -
#############################################################
## Linux Commands - apt-list
#############################################################
#############################################################
## GPG Encryption (PGP Key)
#############################################################
# Generate a PGP key
gpg --gen-key
# Create a PGP signed file
gpg -ea -r "YOUR_NAME" > $HOME/.pause
user USER
password Pas$word
# Show your PGP keys (list)
gpg -k # Public keys.
gpg -K # Secret keys.
# Decrypt a PGP signed file.
gpg -d ~/.pause
# Cache password in agent.
# Some reason this fixed caching.
gpgconf --kill gpg-agent
# Share GPG keys (export from one, import in another machine).
gpg --export-secret-key -a > secretkey.asc
gpg --import secretkey.asc
# Warning: It is NOT certain that the key belongs to the person named.
gpg --edit-ḱeys YOUR_NAME
trust
5
yes
# Delete expired keys.
#
# Step 1: Create revoke certificate:
gpg --output revoke.asc --gen-revoke YOUR_ID
#
# Step 2: Apply revoke:
gpg --import revoke.asc
#
# Step 3: Delete secret key:
gpg --delete-secret-keys YOUR_ID
#
# Step 4: Delete public key:
gpg --delete-keys YOUR_ID
# Delete all keys.
gpg --delete-key 'Tim Potapov'
gpg --delete-secret-key 'Tim Potapov'
#############################################################
## HTML Attribute - href
#############################################################
App-DocKnot
view release on metacpan or search on metacpan
lib/App/DocKnot/Dist.pm view on Meta::CPAN
my $sig_path = $path->child($tarball_path->basename() . '.asc');
if ($sig_path->exists()) {
$sig_path->remove();
}
systemx(
$self->{gpg}, '--detach-sign', '--armor', '-u',
$self->{pgp_key}, $tarball_path,
);
}
return;
}
lib/App/DocKnot/Dist.pm view on Meta::CPAN
# Create and return the object.
my $self = {
config => $config_reader->config(),
distdir => path($distdir),
gpg => $args_ref->{gpg} // 'gpg',
perl => $args_ref->{perl},
pgp_key => $args_ref->{pgp_key} // $global_config_ref->{pgp_key},
};
bless($self, $class);
return $self;
lib/App/DocKnot/Dist.pm view on Meta::CPAN
1;
__END__
=for stopwords
Allbery DocKnot MERCHANTABILITY NONINFRINGEMENT sublicense JSON CPAN ARGS
distdir Automake xz gpg Kwalify IO-Compress-Lzma
=head1 NAME
App::DocKnot::Dist - Prepare a distribution tarball
lib/App/DocKnot/Dist.pm view on Meta::CPAN
The tools to build whatever type of software distribution is being prepared
are also required, since the distribution is built and tested as part of
preparing the tarball.
To sign distribution tarballs, the GnuPG command-line program B<gpg> is
required. (Any version, either GnuPG v1 or GnuPG v2, should work.)
=head1 DESCRIPTION
This component of DocKnot generates distribution tarballs for a package. This
lib/App/DocKnot/Dist.pm view on Meta::CPAN
The path to the directory into which to put the distribution tarball. This
should point to a trusted directory, not one where an attacker could have
written files (see make_distribution() below). Required if not set in the
global configuration file.
=item gpg
The path to the B<gpg> binary, used to sign generated tarballs if C<pgp_key>
is present in the global configuration or provided as a constructor argument.
Default: The binary named C<gpg> on the user's PATH.
=item metadata
The path to the metadata for the package on which to operate. Default:
F<docs/docknot.yaml> relative to the current directory.
lib/App/DocKnot/Dist.pm view on Meta::CPAN
After the distribution is created, check_dist() will be run on it. If any
files are missing from the distribution, they will be reported to standard
output and then an exception will be thrown.
If the C<pgp_key> constructor parameter or global configuration option is set,
the generated tarballs will then be signed with that key, using B<gpg>. The
generated signature will be armored and stored in a file named by appending
C<.asc> to the name of the tarball.
=back
App-Eduard
view release on metacpan or search on metacpan
lib/App/Eduard.pm view on Meta::CPAN
sub import_pubkeys {
my ($ent, $mg) = @_;
my @keys;
if ($ent->mime_type eq 'application/pgp-keys') {
$ent = mp(1)->parse_data($ent->stringify);
my $gpg = GnuPG::Interface->new;
$mg->_set_options($gpg);
$gpg->options->quiet(1);
my ($input, $status) = (IO::Handle->new, IO::Handle->new);
my $pid = $gpg->import_keys(handles => GnuPG::Handles->new(stdin => $input, status => $status));
my $read = Mail::GnuPG::_communicate([$status], [$input], {$input => $ent->bodyhandle->as_string});
push @keys, map { /IMPORT_OK \d+ (\w+)/ } $read->{$status};
waitpid $pid, 0
}
push @keys, import_pubkeys ($_, $mg) for $ent->parts;
lib/App/Eduard.pm view on Meta::CPAN
# PGP/Inline requires decoding
$parser->decode_bodies(1);
$msg = $parser->parse_data($msg->stringify)
}
my $gpg = mg;
if ($msg->effective_type ne 'multipart/signed' && $msg->effective_type ne 'multipart/encrypted' && !$msg->bodyhandle) {
debug 'This is (probably) a PGP/Inline mail with attachments. Working around...';
$msg = find_pgp_part $msg, $gpg
}
if ($gpg->is_signed($msg)) {
debug 'This mail looks signed';
my ($code, $keyid, $email) = $gpg->verify($msg);
return sign_error => (
message => stringify $gpg->{last_message}) if $code;
return sign => (
keyid => $keyid,
email => $email,
message => stringify $gpg->{last_message});
}
if ($gpg->is_encrypted($msg)) {
debug 'This mail looks encrypted';
my ($code, $keyid, $email) = $gpg->decrypt($msg);
return encrypt_error => (
message => stringify $gpg->{last_message}) if $code;
return encrypt => (
plaintext => stringify $gpg->{plaintext},
decrypted => $gpg->{decrypted},
message => stringify $gpg->{last_message}) unless defined $keyid;
return signencrypt => (
keyid => $keyid,
email => $email,
plaintext => stringify $gpg->{plaintext},
decrypted => $gpg->{decrypted},
message => stringify $gpg->{last_message});
}
debug 'This mail doesn\'t seem to be signed or encrypted';
return 'plain', message => ''
}
lib/App/Eduard.pm view on Meta::CPAN
=head1 EXPORTS
None by default.
=head2 B<import_keys>(I<$entity>, I<$gpg>)
Scan a message for PGP public keys, and import them. I<$entity> is a L<MIME::Entity> to scan, I<$gpg> is a L<Mail::GnuPG> instance.
Returns a list of fingerprints of keys found.
=head2 B<process_message>(I<$message>)
App-Fetchware
view release on metacpan or search on metacpan
lib/App/Fetchware.pm view on Meta::CPAN
build_commands
install_commands
uninstall_commands
lookup_url
lookup_method
gpg_keys_url
gpg_sig_url
sha1_url
md5_url
user_agent
verify_method
no_install
lib/App/Fetchware.pm view on Meta::CPAN
)],
OVERRIDE_DOWNLOAD => [qw(
determine_package_path
)],
OVERRIDE_VERIFY => [qw(
gpg_verify
sha1_verify
md5_verify
digest_verify
)],
OVERRIDE_UNARCHIVE => [qw(
lib/App/Fetchware.pm view on Meta::CPAN
###BUGALERT### Add strict argument checking to App::Fetchware's API subroutines
#to check for not being called correctly to aid extension debugging.
###BUGALERT### Recommend installing http://gpg4win.org if you use fetchware on
# Windows so you have gpg support.
lib/App/Fetchware.pm view on Meta::CPAN
[ build_commands => 'ONEARRREF' ],
[ install_commands => 'ONEARRREF' ],
[ uninstall_commands => 'ONEARRREF' ],
[ lookup_url => 'ONE' ],
[ lookup_method => 'ONE' ],
[ gpg_keys_url => 'ONE' ],
[ gpg_sig_url => 'ONE' ],
[ sha1_url => 'ONE' ],
[ md5_url => 'ONE' ],
[ user_agent => 'ONE' ],
[ verify_method => 'ONE' ],
[ mirror => 'MANY' ],
lib/App/Fetchware.pm view on Meta::CPAN
to install. The default is the 'timestamp' algorithm, and then to try the
'versionstring' algorithm if 'timestamp' fails. lookup_method specifies which
one you would like to use. Only the strings 'timestamp' and 'versionstring'
are allowed options.
EOA
gpg_keys_url => <<EOA,
gpg_keys_url specifies the url that fetchware will use to download the author's
KEYS file that it uses for gpg verification.
EOA
gpg_sig_url => <<EOA,
gpg_sig_url specifies the url that fetchware uses to download digital
signatures of this program. They're files that usually end .asc.
EOA
sha1_url => <<EOA,
sha1_url specfies the url that fetchware uses to download sha1sum files of
this program. This url should be the program's main download site instead of a
lib/App/Fetchware.pm view on Meta::CPAN
this program. This url should be the program's main download site instead of a
mirror, because a hacked mirror could alter the md5sum on that mirror.
EOA
verify_method => <<EOA,
verify_method specifes a specific method that fetchware should use to verify
your program. This method can be 'gpg', 'sha1', or 'md5'.
EOA
no_install => <<EOA,
no_install specifies that this software should not be installed. Instead, the
install step is skipped, and fetchware prints to STDOUT where it downloaded,
verified, and built your program. no_install must be a true or false value.
lib/App/Fetchware.pm view on Meta::CPAN
verify_failure_ok specifies that fetchware should not stop installing your
software and terminate with an error message if fetchware fails to verify your
software. You should never set this to true. Doing so could cause fetchware to
install software that may have been compromised, or had malware inserted into
it. Never use this option unless the author or maintainer of this program does
not gpg sign or checksum his software.
EOA
user_keyring => <<EOA,
users_keyring if enabled causes fetchware to use the user's own gpg keyring
instead of fetchware's own keyring.
EOA
mirror => <<EOA
The mirror configuration option provides fetchware with alternate servers to
try to download this program from. This option is used when the server
lib/App/Fetchware.pm view on Meta::CPAN
FTP or HTTP listing. It parses out the version information, sorts it highest to
lowest, and then picks the highest version of your software package. The default
is try 'timestamp' and if that doesn't work, then try 'versionstring'.
EOP
},
gpg_keys_url => {
prompt => <<EOP,
What gpg_keys_url configuration option would you like?
EOP
print_me => <<EOP
gpg_keys_url specifies a url similar to lookup_url in that it should specify a
directory instead a specific file. It is used to download KEYS files, which
contain your program author's gpg keys to import into gpg.
EOP
},
gpg_sig_url => {
prompt => <<EOP,
What gpg_sig_url configuration option would you like?
EOP
print_me => <<EOP
gpg_sig_url specifies a url similar to lookup_url in that it should specify a
directory instead a specific file. It is used to download gpg signatures to
verify your software package.
EOP
},
sha1_url => {
prompt => <<EOP,
lib/App/Fetchware.pm view on Meta::CPAN
What verify_method configuration option would you like?
EOP
print_me => <<EOP,
verify_method specifies what method of verification fetchware should use to
ensure the software you have downloaded has not been tampered with. The default
is to try gpg verification, then sha1, and then finally md5, and if they all
fail an error message is printed and fetchware exits, because if your software
package cannot be verified, then it should not be installed. This configuration
option allows you to remove the warnings by specifying a specific way of
verifying your software has not been tampered with. To disable verification set
the 'verify_failure_ok' configuration option to true.
lib/App/Fetchware.pm view on Meta::CPAN
prompt => <<EOP,
Would you like to enable users_keyring configuration option?
EOP
print_me => <<EOP
users_keyring when enabled causes fetchware to use the user who calls
fetchware's gpg keyring instead of fetchware's own gpg keyring. Useful for
source code distributions that do not provide an easily accessible KEYS file.
Just remember to import the author's keys into your gpg keyring with gpg
--import.
EOP
},
);
vmsg 'User entered the following options.';
lib/App/Fetchware.pm view on Meta::CPAN
my %available_verify_methods;
# Determine what types of verification are available.
for my $file_and_timestamp (@$filename_listing) {
if ($file_and_timestamp->[0] =~ /\.(asc|sig|sign)$/) {
$available_verify_methods{gpg}++;
} elsif ($file_and_timestamp->[0] =~ /\.sha1?$/) {
$available_verify_methods{sha1}++;
} elsif ($file_and_timestamp->[0] =~ /\.md5$/) {
$available_verify_methods{md5}++;
}
}
my $verify_configed_flag = 0;
#If gpg is available prefer it over the others.
if (exists $available_verify_methods{gpg}
and defined $available_verify_methods{gpg}
and $available_verify_methods{gpg} > 0
) {
msg <<EOM;
gpg digital signatures found. Using gpg verification.
EOM
$options{verify_method} = 'gpg';
# Search for a KEYS file to use to import the author's keys.
if (grep {$_->[0] eq 'KEYS'} @$filename_listing) {
msg <<EOM;
KEYS file found using lookup_url. Adding gpg_keys_url to your Fetchwarefile.
EOM
# Add 'KEYS' or '/KEYS' to $lookup_url's path.
my ($scheme, $auth, $path, $query, $fragment) =
uri_split($lookup_url);
$path = catfile($path, 'KEYS');
$lookup_url = uri_join($scheme, $auth, $path, $query, $fragment);
$options{gpg_keys_url} = $lookup_url;
$verify_configed_flag++;
} else {
msg <<EOM;
KEYS file *not* found!
EOM
lib/App/Fetchware.pm view on Meta::CPAN
print_me => <<EOP,
Automatic KEYS file discovery failed. Fetchware needs the author's keys to
download and import into its own keyring, or you may specify the option
user_keyring, which if true will cause fetchware to use the user who runs
fetchware's keyring instead of fetchware's own keyring. But you, the user, needs
to import the author's keys into your own gpg keyring. You can do this now in a
separate shell, or after you finish configuring this Fetchwarefile. Just run the
command [gpg --import <name of file>].
EOP
)
) {
$options{user_keyring} = 'On';
lib/App/Fetchware.pm view on Meta::CPAN
# if they're defined, which is done below.
}
}
# Only try sha1 and md5 if gpg failed.
unless ($verify_configed_flag == 1) {
if (exists $available_verify_methods{sha1}
and defined $available_verify_methods{sha1}
and $available_verify_methods{sha1} > 0
) {
lib/App/Fetchware.pm view on Meta::CPAN
# Otherwise, throw an exception.
die <<EOD;
fetchware: Fetchware *must* be able to verify any software packages that it
downloads. The Fetchwarefile that you were creating could not do this, because
you failed to specify how fetchware can verify its downloads. Please rerun
fetchware new again, and this time be sure to specify a gpg_keys_url, specify
user_keyring to use your own gpg keyring, or answer yes to the question
regarding adding verify_failure_ok to your Fetchwarefile to make failing
verificaton acceptable to fetchware.
EOD
}
}
lib/App/Fetchware.pm view on Meta::CPAN
msg "Verifying the downloaded package [$package_path]";
my $retval;
unless (defined(config('verify_method'))) {
# if gpg fails try
# sha and if it fails try
# md5 and if it fails die
msg 'Trying to use gpg to cyptographically verify downloaded package.';
my ($gpg_err, $sha_err, $md5_err);
eval {$retval = gpg_verify($download_path)};
$gpg_err = $@;
if ($gpg_err) {
msg <<EOM;
Cyptographic verification using gpg failed!
GPG verification error [
$@
]
EOM
warn $gpg_err;
}
if (! $retval or $gpg_err) {
msg <<EOM;
Trying SHA1 verification of downloaded package.
EOM
eval {$retval = sha1_verify($download_path, $package_path)};
$sha_err = $@;
lib/App/Fetchware.pm view on Meta::CPAN
failure is not fatal.
EOM
return 'warned due to verify_failure_ok'
}
}
} elsif (config('verify_method') =~ /gpg/i) {
vmsg <<EOM;
You selected gpg cryptographic verification. Verifying now.
EOM
###BUGALERT### Should trap the exception {gpg,sha1,md5}_verify()
#throws, and then add that error to the one here, otherwise the
#error message here is never seen.
gpg_verify($download_path)
or die <<EOD unless config('verify_failure_ok');
App-Fetchware: run-time error. You asked fetchware to only try to verify your
package with gpg or openpgp, but they both failed. See the warning above for
their error message. See perldoc App::Fetchware.
EOD
} elsif (config('verify_method') =~ /sha1?/i) {
vmsg <<EOM;
You selected SHA1 checksum verification. Verifying now.
lib/App/Fetchware.pm view on Meta::CPAN
See perldoc App::Fetchware.
EOD
} else {
die <<EOD;
App-Fetchware: run-time error. Your fetchware file specified a wrong
verify_method option. The only supported types are 'gpg', 'sha', 'md5', but you
specified [@{[config('verify_method')]}]. See perldoc App::Fetchware.
EOD
}
msg 'Verification succeeded.';
}
lib/App/Fetchware.pm view on Meta::CPAN
sub gpg_verify {
my $download_path = shift;
my $keys_file;
# Attempt to download KEYS file in lookup_url's containing directory.
# If that fails, try gpg_keys_url if defined.
# Import downloaded KEYS file into a local gpg keyring using gpg command.
# Determine what URL to use to download the signature file *only* from
# lookup_url's host, so that we only download the signature from the
# project's main mirror.
# Download it.
# gpg verify the sig using the downloaded and imported keys in our local
# keyring.
# Skip downloading and importing keys if we're called from inside a
# fetchware package, which should already have a copy of our package's
# KEYS file.
unless (config('user_keyring')
or (-e './pubring.gpg' and -e './secring.gpg')) {
# Obtain a KEYS file listing everyone's key that signs this distribution.
if (defined config('gpg_keys_url')) {
$keys_file = no_mirror_download_file(config('gpg_keys_url'));
} else {
eval {
$keys_file = no_mirror_download_file(config('lookup_url'). '/KEYS');
};
die <<EOD if $@;
App-Fetchware: Fetchware was unable to download the gpg_key_url you specified or
that fetchware tried appending asc, sig, or sign to [@{[config('lookup_url')]}].
It needs to download this file to properly verify you software package. This is
a fatal error, because failing to verify packages is a perferable default over
potentially installing compromised ones. If failing to verify your software
package is ok to you, then you may disable verification by adding
verify_failure_ok 'On'; to your Fetchwarefile. See perldoc App::Fetchware.
EOD
}
# Import downloaded KEYS file into a local gpg keyring using gpg
# command.
eval {
# Add --homedir option if needed.
if (config('user_keyring')) {
run_prog('gpg', '--import', $keys_file);
} else {
run_prog('gpg', '--homedir', '.', '--import', $keys_file);
}
1;
} or msg <<EOM;
App-Fetchware: Warning: gpg exits nonzero when importing large KEY files such as
Apache's. However, despite exiting nonzero gpg still manages to import most of
the keys into its keyring. It only exits nonzero, because some of the keys in
the KEYS file had errors, and these key's errors were enough to cause gpg to
exit nonzero, but not enough to cause it to completely fail importing the keys.
EOM
}
# Download Signature using lookup_url.
lib/App/Fetchware.pm view on Meta::CPAN
};
# If the file was downloaded stop trying other extensions.
last if defined $sig_file;
}
die <<EOD if not defined $sig_file;
App-Fetchware: Fetchware was unable to download the gpg_sig_url you specified or
that fetchware tried appending asc, sig, or sign to [$sig_url]. It needs
to download this file to properly verify you software package. This is a fatal
error, because failing to verify packages is a perferable default over
potentially installing compromised ones. If failing to verify your software
package is ok to you, then you may disable verification by adding
lib/App/Fetchware.pm view on Meta::CPAN
###BUGALERT### if (eval {use Crypt::OpenPGP}) {
##DOESNTWORK?? # Build a pubring needed for verify.
##DOESNTWORK?? my $pubring = Crypt::OpenPGP::KeyRing->new();
##DOESNTWORK?? my $secring = Crypt::OpenPGP::KeyRing->new();
##DOESNTWORK??
##DOESNTWORK?? # Turn on gpg compatibility just in case its needed.
##DOESNTWORK?? my $pgp = Crypt::OpenPGP->new(
##DOESNTWORK?? Compat => 'GnuPG',
##DOESNTWORK?? PubRing => $pubring,
##DOESNTWORK?? SecRing => $secring,
##DOESNTWORK?? # Automatically download public keys as needed.
lib/App/Fetchware.pm view on Meta::CPAN
##DOESNTWORK?? # file.
##DOESNTWORK?? return undef;
##DOESNTWORK?? }
###BUGALERT### } else {
###BUGALERT### ###BUGALERT### eval the run_prog()'s below & add better error reporting in
###BUGALERT### ###BUGALERT### if Crypt::OpenPGP works ok remove gpg support & this if &
###BUGALERT### }
#IPC::System::Simple dependency.
#my standard format.
# Use automatic key retrieval & a cool pool of keyservers
###BUGALERT## Give Crypt::OpenPGP another try with
#pool.sks-keyservers.net
###BUGALERT### Should I cache the files gpg puts in its "homedir"? They
#are the public keys that verify this fetchware package. Or should they
#always be downloaded on demand as they are now??? But if verify() can
#have keys cached inside the fetchware package does that mean that I
#should open up this as an API for fetchware extensions????? I don't
#know. I'll have to think more about this issue.
#run_prog('gpg', '--keyserver', 'pool.sks-keyservers.net',
# '--keyserver-options', 'auto-key-retrieve=1',
# '--homedir', '.', "$sig_file");
# Verify sig.
# Add --homedir option if needed.
if (config('user_keyring')) {
run_prog('gpg', '--verify', $sig_file);
} else {
run_prog('gpg', '--homedir', '.', '--verify', $sig_file);
}
# Return true indicating the package was verified.
return 'Package Verified';
}
lib/App/Fetchware.pm view on Meta::CPAN
Mandatory => [ 'lookup_url', <<EOM ],
App-Fetchware: Your Fetchwarefile must specify a lookup_url configuration
option. Please add one, and try again.
EOM
ConfigOptionEnum => ['lookup_method', [qw(timestamp versionstring)] ],
ConfigOptionEnum => ['verify_method', [qw(gpg sha1 md5)] ],
);
}
lib/App/Fetchware.pm view on Meta::CPAN
# Only program, lookup_url, one or more mirrors, and some method of
# verification are required.
program 'Your program';
lookup_url 'http://whatevermirror.your/program/is/on';
gpg_keys_url 'http://whatevermirror.your/program/gpg/key/url.asc';
mirror 'http://whatevermirror1.your/program/is/on';
mirror 'http://whatevermirror2.your/program/is/on';
mirror 'http://whatevermirror3.your/program/is/on';
mirror 'http://whatevermirror4.your/program/is/on';
mirror 'http://whatevermirror5.your/program/is/on';
lib/App/Fetchware.pm view on Meta::CPAN
At the heart of App::Fetchware is its C<lookup_url>, which is
the URL to the FTP or HTTP mirror you want App::Fetchware to use to obtain a
directory listing to see if a new version of your program is available for
download. To figure this out just use your browser to find the program you
want fetchware to manage for you's Web site. Skip over the download link, and
instead look for the gpg, sha1, or md5 verify links, and copy and paste one of
those between the single quotes above in the lookup_url. Then delete the file
portion--from right to left until you reach a C</>. This is necessary, because
fetchware uses the lookup_url as a basis to download your the gpg, sha1, or md5
digital signatures or checksums to ensure that the packages fetchware downloads
and installs are exactly the same as the ones the author uploads.
lookup_url '';
lib/App/Fetchware.pm view on Meta::CPAN
configuration options below that may allow verification to succeed if the author
has his download site set up differently then fetchware expects.
=over
=item gpg_keys_url - Should list a URL to a file most likely named C<KEYS> that
contains versions of the author's gpg verification keys that is suitable to be
imported into gpg using C<gpg --import [name of file]>. An example would be:
gpg_keys_url 'http://www.apache.org/dist/httpd/KEYS';
=item users_keyring - Tells fetchware to use the user who calls fetchware's gpg
keyring instead of fetchware's own keyring. This is handy for when you want to
install a program, but the author has no easily accessible C<KEYS> file, but the
author has listed his gpg key on his Website. With this option, you can import
this key into your own keyring using C<gpg --import [name of file]>, and then
specify this option in your Fetchwarefile as shown below.
users_keyring 'On';
=item gpg_sig_url - Should list a URL to a directory (not a file) that has files
with the same names as the software archives that contain your program, but with
a C<.asc>, C<.sig>, or C<.sign> file extension. An example would be:
gpg_sig_url 'http://www.apache.org/dist/httpd/';
=item sha1_url - Should list a URL to a directory (not a file) that has files
with the same names as the software archives that contain your program, but with
a C<.sha> or C<.sha1> file extension. An example would be:
lib/App/Fetchware.pm view on Meta::CPAN
and uses them to determine the downloadable archive with the highest version
number, which should also be the newest and best version of the archive to use.
=back
=head2 gpg_keys_url 'lookup_url.com/some/path';
Specifies a file not a directory URL for a C<KEYS> file that lists all of the
authors' gpg keys for fetchware to download and import before using them to
verify the downloaded software package.
If you come accross a software package whoose author uses gpg to sign his
software packages, but he does not include it in the form of a file on his main
mirror, then you can specify the C<user_keyring> option. This option forces
fetchware to use the user who runs fetchware's keyring instead of fetchware's
own keyring. This way you can then import the author's key into your own
keyring, and have fetchware use that keyring that already has the author's key
lib/App/Fetchware.pm view on Meta::CPAN
When enabled fetchware will use the user who runs fetchware's keyring instead of
fetchware's own keyring. Fetchware uses its own keyring to avoid adding cruft to
your own keyring.
This is needed when the author of a software package does not maintain a KEYS
file that can easily be downloaded and imported into gpg. This option allows you
to import the author's key manually into your own gpg keyring, and then
fetchware will use your own keyring instead of its own to verify your downloads.
=over
=item LIMITAITON
C<user_keyring> when set to true requires that the user that fetchware is
running under have a real gpg keyring with keys that have been imported into it.
This is not the case B<unless> the C<user> option has been specified with a user
account with a proper home directory and gpg keyring for gpg to use. Because of
this limitation if you need to specify C<user_keyring> be sure to also specify
the C<user> option to specify a I<real> user account instead of the default fake
one C<nobody>.
Typically you would import the keys into your own user accounts gpg keyring, and
then you would specify your own username with the C<user> option to tell
fetchware to drop privs to your own user account to have access to your own gpg
keys.
=back
=head2 gpg_sig_url 'mirror.com/some/path';
Specifies an alternate url to use to download the cryptographic signature that
goes with your program. This is usually a file with the same name as the
download url with a C<.asc> file extension added on. Fetchware will also append
the extensions C<sig> and C<sign> if C<.asc> is not found, because some pgp
lib/App/Fetchware.pm view on Meta::CPAN
Specifies what C<user_agent> you would like fetchware to pretend to be when
downloading files using the HTTP protocol. Some sites annoying prevent some
user agents from working while allowing others. This allows you to pretend to
be a real browser such as Firefox if you need to.
=head2 verify_method 'gpg';
Chooses a method to verify your program. The default is to try C<gpg>, then
C<sha1>, and finally C<md5>, and if all three fail, then the default is to exit
fetchware with an error message, because it is insecure to install archives that
cannot be verified. The availabel options are:
=over
=item gpg - Uses the gpg program to cryptographically verify that the program you downloaded is exactly the same as its author uploaded it.
=item sha1 - Uses the SHA-1 hash function to verify the integrity of the download. This is much less secure than gpg.
=item md5 - Uses the MD5 hash function to verify the integrity of the download. This is much less secure than gpg.
=back
=head2 verify_failure_ok 'True';
Fetchware's default regarding failing to verify your downloaded Archive with
gpg, sha1, or md5 is to exit with an error message, because installing software
that cannot be cryptographically verified should never be done.
=over
=item SECURITY NOTICE
However, if the author of a program you want to use fetchware to manage for you
does not offer a gpg, sha1, or md5 file to verify its integrity, then you can
use this option to force Fetchware to install this program anyway. However, do
not enable this option lightly. Please scour the program's mirrors and homepage
to see which C<gpg_keys_url>, C<gpg_sig_url>, C<sha1_url>, C<md5_url>, or
C<user_keyring> you can use to ensure that your archive is verified before it is
compiled and installed. Even mirrors from sites large and small get hacked
regularly:
L<http://www.itworld.com/security/322169/piwik-software-installer-rigged-back-door-following-website-compromise?page=0,0>
lib/App/Fetchware.pm view on Meta::CPAN
L<http://www.csoonline.com/article/685037/wordpress-warns-server-admins-of-trojans>
L<http://www.computerworld.com/s/article/9233822/Hackers_break_into_two_FreeBSD_Project_servers_using_stolen_SSH_keys>
So, Please give searching for a C<gpg_keys_url>, C<gpg_sig_url>, C<sha1_url>,
C<md5_url>, or C<user_keyring> for your program another try before simply
enabling this option.
=back
lib/App/Fetchware.pm view on Meta::CPAN
L</lookup_by_versionstring()>, L</lookup_determine_downloadpath()>
=item L<OVERRIDE_DOWNLOAD|download() API REFERENCE> -
L</determine_package_path()>
=item L<OVERRIDE_VERIFY|verify() API REFERENCE> - L</gpg_verify()>,
L</sha1_verify()>, L</md5_verify()>, L</digest_verify()>
=item L<OVERRIDE_UNARCHIVE|unarchive() API REFERENCE> -
L</check_archive_files()>, L</list_files()>, L</list_files_tar()>,
L</list_files_zip()>, L</unarchive_package()>, L</unarchive_tar()>,
lib/App/Fetchware.pm view on Meta::CPAN
filter 'httpd-2.2';
mirror 'http://apache.mirrors.pair.com/httpd/';
mirror 'http://mirrors.ibiblio.org/apache/httpd/';
mirror 'ftp://apache.cs.utah.edu/apache.org/httpd/';
verify_method 'gpg';
gpg_keys_url 'http://www.apache.org/dist/httpd/KEYS';
make_options '-j 4';
prefix '/home/dly/software/apache2.2';
# You can use heredocs to make gigantic options like this one more legible.
configure_options <<EOO;
lib/App/Fetchware.pm view on Meta::CPAN
into your keyring, and then specify the C<user_keyring> option to switch
fetchware from usings its own keyring to using your own keyring. Also, note the
comment regarding having to use the C<user> option to specify a real user
account. This is needed, because the verify step is done by fetchware's child
after that child drops its root privileges. Th default user is nobody, and
nobody has no real home, and therefore no keyring, so gpg won't be able to read
the keys you ask it to by using the C<user_keyring> option; therefore, C<user>
must be specified to change it to a real user, whoose keyring has had these keys
imported into it. Also, worth noting that this nginx configuration does not use
a C<filter> option. This is not actually needed, because the only source-code
packages availabe at the C<lookup_url> are the nginx software packages
lib/App/Fetchware.pm view on Meta::CPAN
mirror 'http://nginx.org/download/';
# Must add the developers public keys to my own keyring. These keys are
# availabe from http://nginx.org/en/pgp_keys.html Do this with:
# gpg \
# --fetch-keys http://nginx.org/keys/aalexeev.key\
# --fetch-keys http://nginx.org/keys/is.key\
# --fetch-keys http://nginx.org/keys/mdounin.key\
# --fetch-keys http://nginx.org/keys/maxim.key\
# --fetch-keys http://nginx.org/keys/sb.key\
# --fetch-keys http://nginx.org/keys/glebius.key\
# --fetch-keys http://nginx.org/keys/nginx_signing.key
# You might think you could just set gpg_keys_url to the nginx-signing.key key,
# but that won't work, because like apache different releases are signed by
# different people. Perhaps I could change gpg_keys_url to be like mirror where
# you can specify more than one option?
user_keyring 'On';
# user_keyring specifies to use the user's own keyring instead of fetchware's.
# But fetchware drops privileges by default using he user 'nobody.' nobody is
# nobody, so that user account does not have a home directory for gpg to read a
# keyring from. Therefore, I'm using my own account instead.
user 'dly';
# The other option, which is commented out below, is to use root's own keyring,
# and the no_install option to ensure that root uses its own keyring instead of
# nobody's.
# noinstall 'On';
verify_method 'gpg';
=back
=head2 PHP Programming Language
lib/App/Fetchware.pm view on Meta::CPAN
tags used for new versions of php. These are sorted using the C<versonstring>
lookup() algorithm, and the latest one is returned.
download() uses C<git checkout [latesttag]> to "download" php by simply changing
the working directory to the latest tag. verify() uses git's cool C<verify-tag>
command to verify the gpg signature. unarchive() is updated to do nothing since
there is no archive to unarchive. However, because we reuse build(), archive()
must return a $build_path that build() will change its directory to. start() and
end() are also overridden, because managing a temporary directory is not needed,
so, instead, they just do a C<git checkout master> to switch from whatever the
latest tag is back to master, because git pull bases what it does on what branch
lib/App/Fetchware.pm view on Meta::CPAN
my $package_path = cwd();
return $package_path;
};
# You must manually add php's developer's gpg keys to your gpg keyring. Do
# this by going to the page: http://us1.php.net/downloads.php . At the
# bottom the gpg key "names are listed such as "7267B52D" or "5DA04B5D."
# These are their key "names." Use gpg to download them and import them into
# your keyring using: gpg --keyserver pgp.mit.edu --recv-keys [key id]
hook verify => sub {
my ($download_path, $package_path) = @_;
# the latest tag is the download path see lookup.
my $latest_tag = $download_path;
lib/App/Fetchware.pm view on Meta::CPAN
=item B<my $download_url = lookup()> - Determines and returns a download url that C<download()> receives and uses to download the archive for the program.o
=item B<my $package_path = download($tempd_dir, $download_url)> - Downloads its provided $download_url argument.
=item B<verify($download_url, $package_path)> - Verifies the integrity of your downloaded archive using gpg, sha1, or md5.
=item B<my $build_path = unarchive($package_path)> - Unpacks the downloaded archive.
=item B<build($build_path)> - Configures and compiles the downloaded archive.
lib/App/Fetchware.pm view on Meta::CPAN
# );
Asks the user to specify at least one mirror to use to download their archives.
It also reiterates to the user that the C<lookup_url> should point to the
author's original download site, and B<not> a 3rd party mirror, because md5sums,
sha1sums, and gpg signatures should B<only> be downloaded from the author's
download site to avoid them being modified by a hacked 3rd party mirror. While
C<mirror> should be configured to point to a 3rd party mirror to lessen the load
on the author's offical download site.
After the user enters at least one mirror, get_mirrors() asks the user if they
lib/App/Fetchware.pm view on Meta::CPAN
=head3 get_verification()
my $verification_hashref = get_verification($term, $filename_listing, $lookup_url);
# $verification_hashref = (
# gpg_keys_url => 'http://main.mirror/distdir',
# verification_method => 'gpg',
# );
Parses $filename_listing to determine what type of verification is available.
Prefering gpg, but falling back on sha1, and then md5 if gpg is not available.
If the type is gpg, then get_verification() will ask the user to specify a
C<gpg_keys_url>, which is required for gpg, because fetchware needs to be able
to import the needed keys to be able to use those keys to verify package
downloads. If this URL is not provided by the author, then get_verification()
will ask the user if they would like to import the author's key into their own
gpg public keyring. If they would, then get_verification() will use the
C<user_keyring> C<'On'> option to use the user's public keyring instead of
fetchware's own keyring. And if the user does not want to use their own gpg
public keyring, then get_verification will fall back to sha1 or md5 setting
C<verify_method> to sha1 or md5 as needed.
Also, adds a gpg_keys_url option if a C<KEYS> file is found in
$filename_listing.
If no verification methods are available, fetchware will print a big nasty
warning message, and offer to use C<verify_failure_ok> to make such a failure
cause fetchware to continue installing your software.
lib/App/Fetchware.pm view on Meta::CPAN
=item Configuration subroutines used:
=over
=item gpg_keys_url
=item user_keyring
=item gpg_sig_url
=item sha1_url
=item md5_url
lib/App/Fetchware.pm view on Meta::CPAN
=back
Verifies the downloaded package stored in $package_path by downloading
$download_path.{asc,sha1,md5}> and comparing the two together. Uses the
helper subroutines C<{gpg,sha1,md5,digest}_verify()>.
=over
=item LIMITATIONS
Uses gpg command line, and the interface to gpg is a little brittle.
Crypt::OpenPGP is buggy and not currently maintainted again, so fetchware cannot
make use of it, so were stuck with using the command line gpg program.
=back
=over
lib/App/Fetchware.pm view on Meta::CPAN
paste anything from verify().
App::Fetchware is B<not> object-oriented; therefore, you B<can not> subclass
App::Fetchware to extend it!
=head3 gpg_verify()
'Package Verified' = gpg_verify($download_path);
Uses the command-line program C<gpg> to cryptographically verify that the file
you download is the same as the file the author uploaded. It uses public-key
priviate-key cryptography. The author signs his software package using gpg or
some other OpenPGP compliant program creating a digital signature file with the
same filename as the software package, but usually with a C<.asc> file name
extension. gpg_verify() downloads the author's keys, imports them into
fetchware's own keyring unless the user sets C<user_keyring> to true in his
Fetchwarefile. Then Fetchware downloads a digital signature that usually
ends in C<.asc>. Afterwards, fetchware uses the gpg command line program to
verify the digital signature. gpg_verify returns true if successful, and throws
an exception otherwise.
You can use C<gpg_keys_url> to specify the URL of a file where the author has
uploaded his keys. And the C<gpg_sig_url> can be used to setup an alternative
location of where the C<.asc> digital signature is stored.
=head3 sha1_verify()
'Package verified' = sha1_verify($download_path, $package_path);
lib/App/Fetchware.pm view on Meta::CPAN
modify the MD5 sum of that software package on that B<same mirror>. Because of
this limitation MD5 sums can only tell you if the software package was corrupted
while downloading. This can actually happen as I've had it happen to me once.
If your stuck with using MD5 sum, because your software package does not provide
gpg signing, I recommend that you download your SHA1 sums (and MD5 sums) from
your software package's master mirror. For example, Apache provides MD5 and SHA1
sums, but it does not mirror them--you must download them directly from Apache's
servers. To do this specify a C<sha1_url 'master.mirror/package.sha1';> in your
Fetchwarefile.
lib/App/Fetchware.pm view on Meta::CPAN
modify the MD5 sum of that software package on that B<same mirror>. Because of
this limitation MD5 sums can only tell you if the software package was corrupted
while downloading. This can actually happen as I've had it happen to me once.
If your stuck with using MD5 sum, because your software package does not provide
gpg signing, I recommend that you download your MD5 sums (and SHA1 sums) from
your software package's master mirror. For example, Apache provides MD5 and SHA1
sums, but it does not mirror them--you must download them directly from Apache's
servers. To do this specify a C<md5_url 'master.mirror/package.md5';> in your
Fetchwarefile.
lib/App/Fetchware.pm view on Meta::CPAN
Because of this limitation $digest_type sums can only tell you if the software
package was corrupted while downloading. This can actually happen as I've had
it happen to me once.
If your stuck with using $digest_type sum, because your software package does
not provide gpg signing, I recommend that you download your $digest_type sums
(and SHA1 sums) from your software package's master mirror. For example, Apache
provides MD5 and SHA1 sums, but it does not mirror them--you must download them
directly from Apache's servers. To do this specify a
C<$digest_type_url 'master.mirror/package.$digest_type';>' in your Fetchwarefile.
lib/App/Fetchware.pm view on Meta::CPAN
=over
=item * lookup_method can only have 'timestamp' or 'versionstring'. as options.
=item * And verify_method can only have 'gpg', 'sha1', or 'md5' specified.
=back
=back
lib/App/Fetchware.pm view on Meta::CPAN
Mandatory => [ 'lookup_url', <<EOM ],
App-Fetchware: Your Fetchwarefile must specify a lookup_url configuration
option. Please add one, and try again.
EOM
ConfigOptionEnum => ['lookup_method', [qw(timestamp versionstring)] ],
ConfigOptionEnum => ['verify_method', [qw(gpg sha1 md5)] ],
);
Uses config() to test that no configuration options that clash with each other
are used.
lib/App/Fetchware.pm view on Meta::CPAN
=head2 How do I fix the verification failed error.
Fetchware is designed to always attempt to verify the software archives it
downloads even if you failed to configure fetchware's verification settings. It
will try to guess what those setting should be using simple heuristics. First it
will try gpg verificaton, then sha1 verification, and finally md5 verification.
If all fail, then fetchware exit failure with an appropriate error message.
When you get this error message
L<read fetchware's documentation on how to set this up|/4. Add mandatory verification settings>.
lib/App/Fetchware.pm view on Meta::CPAN
or use the shell
fetchware install <some-program.Fetchwarefile 2>&1 /dev/null
=head2 Why don't you use Crypt::OpenPGP instead of the gpg command line program?
I tried to use Crypt::OpenPGP, but I couldn't get it to work. And getting gpg to
work was a breeze after digging through its manpage to find the right command
line options that did what I need it to.
Also, unfortunately Crypt::OpenPGP is buggy, out-of-date, and seems to have
lost another maintainer. If it ever gets another maintainer, who fixes the newer
lib/App/Fetchware.pm view on Meta::CPAN
Supporting Crypt::OpenPGP is still on my TODO list. It's just not very high on
that list. Patches are welcome to add support for it, and the old code is still
there commented out, but it needs updating if anyone is interested.
In the meantime if you're on Windows without simple access to a gpg command line
program, try installing gpg from the L<gpg4win project|http://gpg4win.org/>,
which packages up gpg and a bunch of other tools for easier use on Windows.
=head2 Does fetchware support Windows?
Yes and no. I intend to support Windows, but right now I'm running Linux, and my
Windows virtual machine is broken, so I can't easily test it on Windows. The
App-GhaInstall
view release on metacpan or search on metacpan
lib/App/GhaInstall.pm view on Meta::CPAN
'connect_to_internet_ok' => q[1],
'cpan_home' => qq[$home/.cpan],
'ftp_passive' => q[1],
'ftp_proxy' => q[],
'getcwd' => q[cwd],
'gpg' => q[/usr/bin/gpg],
'gzip' => q[/bin/gzip],
'halt_on_failure' => q[0],
'histfile' => qq[$home/.cpan/histfile],
'histsize' => q[100],
'http_proxy' => q[],
App-Greple-pw
view release on metacpan or search on metacpan
lib/App/Greple/pw.pm view on Meta::CPAN
# Basic usage
greple -Mpw pattern file
# Search in encrypted files
greple -Mpw password ~/secure/*.gpg
# Configure options
greple -Mpw --no-clear-screen --chrome password data.txt
greple -Mpw --config timeout=600 --config debug=1 password file.txt
lib/App/Greple/pw.pm view on Meta::CPAN
to prevent sensitive information from persisting.
=item * B<Encrypted file support>
Seamlessly works with PGP encrypted files using B<greple>'s standard
features. Files with "I<.gpg>" extension are automatically decrypted,
and the B<--pgp> option allows entering the passphrase once for
multiple files.
=item * B<Intelligent pattern recognition>
lib/App/Greple/pw.pm view on Meta::CPAN
=over 4
=item Search for passwords in encrypted files
greple -Mpw password ~/secure/*.gpg
=item Use with specific browser and no screen clearing
greple -Mpw --chrome --no-clear-screen password data.txt
App-Greple
view release on metacpan or search on metacpan
lib/App/Greple/PgpDecryptor.pm view on Meta::CPAN
$obj->fh->fileno;
}
sub decrypt_command {
my $obj = shift;
my $command = "gpg";
my @option = ( qw(--quiet --batch --decrypt) ,
qw(--no-tty --no-mdc-warning) );
sprintf "$command @option --passphrase-fd %d", $obj->pgppassfd;
}
App-LXC-Container
view release on metacpan or search on metacpan
t/mockup-files/dpkg.status view on Meta::CPAN
Important: yes
Package: libgcrypt20
Status: install ok installed
Architecture: amd64
Depends: libc6 (>= 2.34), libgpg-error0 (>= 1.27)
Suggests: rng-tools
Package: libgdk-pixbuf-2.0-0
Status: install ok installed
Architecture: amd64
t/mockup-files/dpkg.status view on Meta::CPAN
Status: install ok installed
Architecture: amd64
Depends: libc6 (>= 2.34), libgmp10 (>= 2:6.2.1+dfsg1), libhogweed6 (>= 3.6), libidn2-0 (>= 2.0.0), libnettle8 (>= 3.7~), libp11-kit0 (>= 0.23.18.1), libtasn1-6 (>= 4.14), libunistring2 (>= 0.9.7)
Suggests: gnutls-bin
Package: libgpg-error0
Status: install ok installed
Architecture: amd64
Depends: libc6 (>= 2.34)
Recommends: libgpg-error-l10n
Package: libgraphite2-3
Status: install ok installed
Architecture: amd64
Depends: libc6 (>= 2.14)
App-MtAws
view release on metacpan or search on metacpan
##### Debian 6 (Squeeze)
Can be installed/updated via custom repository
1. `wget -O - http://mt-aws.com/vsespb.gpg.key | sudo apt-key add -`
(this will add GPG key 2C00 B003 A56C 5F2A 75C4 4BF8 2A6E 0307 **D0FF 5699**)
2. Add repository
##### Debian 7 (Wheezy), including rasbian for Raspberry Pi
Can be installed/updated via custom repository
1. `wget -O - https://mt-aws.com/vsespb.gpg.key | sudo apt-key add -`
(this will add GPG key 2C00 B003 A56C 5F2A 75C4 4BF8 2A6E 0307 **D0FF 5699**)
2. Add repository
##### Debian 8 (Jessie)
Can be installed/updated via custom repository
1. `wget -O - https://mt-aws.com/vsespb.gpg.key | sudo apt-key add -`
(this will add GPG key 2C00 B003 A56C 5F2A 75C4 4BF8 2A6E 0307 **D0FF 5699**)
2. Add repository
App-Notes
view release on metacpan or search on metacpan
=GPG Encryption
Want to write notes about super secret stuff that needs to be secure? It's
incredibly easy to use vim + L<gnupg.vim|https://github.com/jamessan/vim-gnupg>
to create and edit encrypted notes. Just create a note with a C<.gpg> extension
and the plugin will pick it up.
notes add super-secret-stuff.gpg
Vim should open up a bottom window where you can enter GPG Recipients
(via ID, email, name, etc.)i to encrypt the note for. You can use your own
key here, and on save, the note will always be encrypted to disk.
The C<gnupg.vim> also ensures that vim does not write plaintext swap files
to disk when editing gpg encrypted files.
Go forth and secure your notes!
=back
App-Nrepo
view release on metacpan or search on metacpan
lib/App/Nrepo/Plugin/Yum.pm view on Meta::CPAN
$self->repo(), $arch, $dir );
$self->make_dir($dir);
$self->make_dir( File::Spec->catdir( $dir, $self->packages_dir() ) );
#XXX add gpg
#TODO perhaps replace createrepo with pure perl version at some stage
my $createrepo_bin = $self->find_command_path('createrepo');
unless ( $createrepo_bin and -x $createrepo_bin ) {
App-PDF-Link
view release on metacpan or search on metacpan
lib/App/PDF/Link/Icons/XML.pm view on Meta::CPAN
HkFJDTZlAmqBOTeNWlRwCHw4SmaOXpzT2TOOzkaOG6SZVpzjVYB7C4Q7r9a8v+BIRBuQfIvgAgQd
UEAH4E5CGVrq5KQw+9W6+bQhpRw4i1JiKapS24oIQtGG1uw26Jhc5N9OCTSwmBBJo1op3u4APlRg
lKFo+mg5BjpbtjzpkmU/P+QBDPB6zq+/sfu+r+75FElnDbGQaM7wj9vJ7HQQS9KVmPXapiAlS0LO
08znziIci9nLamG2sWEJN9x6mvrpm4+XDN00CggvAEeTbdCuUmO5UDXMHLAAdQxS5EwTCyfdBOk8
9QfyAzg3QI5RloGJ3r/4NEMp3X459fjMMD4F156Y2ZPa52Lze1ikJC0ZKioyzlFrrbiSsUfWqoh9
Z17pqKsz/eRnKwfI5dvSALHOg8gpgzSjScL6S9V4F2ZXFlkKElhRqiU5PBaJMqOATeXIpCSFSTqy
5n1f2fOpZ/36b3WHFcAArjde+9HxjQ9/1Cc6IvP9ZItZMGVvx5is419/nOJ4hlCz2iKfr/mZ43+e
qeXZBmbgHHnJTD+i1oFX0IyD3OgzNe4IZoUeQQjN82xiAaQfqEjDKciBRAJADmzL3Y9AzZo75Lum
fIx+2+TGfhIqtapColQWNniFS4W9X5YEF93PIyy9HS+A91f8TRVYbCUBR6XWF9EKizAC0UaYIE14
eYnxLBwcnHFntUCC8l8JBEYwFo2xpm9eGckWoCcRFS2Hb73l8z/16mc+/shwAzjJ6+0fvWnx8o0P
+girjgc1N8px62dVLeeCM9iCkvbGoGjDqlSBrMMIv3GO4qJnhqDMRNI9X0ObT5Kh3+QWiUsff8oq
App-ParseNetstat
view release on metacpan or search on metacpan
script/parse-netstat view on Meta::CPAN
"type" : "STREAM"
},
{
"flags" : "ACC",
"inode" : "42050",
"path" : "/run/user/1000/gnupg/S.gpg-agent.browser",
"pid" : "1748",
"program" : "systemd",
"proto" : "unix",
"refcnt" : "2",
"state" : "LISTENING",
"type" : "STREAM"
},
{
"flags" : "ACC",
"inode" : "42051",
"path" : "/run/user/1000/gnupg/S.gpg-agent.extra",
"pid" : "1748",
"program" : "systemd",
"proto" : "unix",
"refcnt" : "2",
"state" : "LISTENING",
"type" : "STREAM"
},
{
"flags" : "ACC",
"inode" : "42052",
"path" : "/run/user/1000/gnupg/S.gpg-agent.ssh",
"pid" : "1748",
"program" : "systemd",
"proto" : "unix",
"refcnt" : "2",
"state" : "LISTENING",
"type" : "STREAM"
},
{
"flags" : "ACC",
"inode" : "42053",
"path" : "/run/user/1000/gnupg/S.gpg-agent",
"pid" : "1748",
"program" : "systemd",
"proto" : "unix",
"refcnt" : "2",
"state" : "LISTENING",
App-RecordStream
view release on metacpan or search on metacpan
logos/logo-small.svg view on Meta::CPAN
transform="scale(0.1,0.1)"
id="g12"><g
transform="scale(4682.4,4502.4)"
id="g14"><image
id="image16"
xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAB58AAAdUCAYAAABwqM6aAAAABHNCSVQICAgIfAhkiAAAIABJREFUeJzs3enPZOeZ3/fvfZZan61XNimqKQ01oqCZ0YwRDGADiT0IkEQvjMR5GwTJ3+A/YBIBCeIEhpEJECAGnCAxEscxJh54RjOGI2k00mijdlGkhhqKokh2k713P2stZ7nvv...
transform="matrix(1,0,0,-1,0,1)"
preserveAspectRatio="none"
height="1"
width="1" /></g></g></g></svg>
App-RoboBot
view release on metacpan or search on metacpan
share/ubuntu-xenial-16.04-cloudimg-console.log view on Meta::CPAN
[ 5.147543] input: Sleep Button as /devices/LNXSYSTM:00/LNXSLPBN:00/input/input1
[ 5.149815] ACPI: Sleep Button [SLPF]
[ 5.151471] GHES: HEST is not enabled!
[ 5.153418] Serial: 8250/16550 driver, 32 ports, IRQ sharing enabled
[ 5.177874] 00:03: ttyS0 at I/O 0x3f8 (irq = 4, base_baud = 115200) is a 16550A
[ 5.186170] Linux agpgart interface v0.103
[ 5.197779] brd: module loaded
[ 5.204758] loop: module loaded
[ 5.206960] scsi host0: ata_piix
[ 5.209658] scsi host1: ata_piix
[ 5.210909] ata1: PATA max UDMA/33 cmd 0x1f0 ctl 0x3f6 bmdma 0xd000 irq 14
App-Tel
view release on metacpan or search on metacpan
lib/App/Tel/Passwd/Pass.pm view on Meta::CPAN
my $self = { debug => $_debug,
%args
};
$self->{file} = __find_password_store($self->{file});
$self->{gpg} ||= ($^O=~/(freebsd|openbsd|netbsd|solaris)/) ? '/usr/local/bin/gpg' : '/usr/bin/gpg';
if (! -x $self->{gpg}) {
croak "$class: gpg executable not found.";
}
if (!defined($self->{file}) || ! -r $self->{file} ) {
$self->{file} ||= '<undefined>';
croak "$class: Can't read file $self->{file}";
lib/App/Tel/Passwd/Pass.pm view on Meta::CPAN
if ($@) {
croak $@;
}
bless( $self, $class );
$self->{pass} = $self->_run($self->{gpg}, $self->{file}, $self->{passwd});
return $self;
}
sub _run {
my ($self, $call, $file, $passphrase) = @_;
lib/App/Tel/Passwd/Pass.pm view on Meta::CPAN
sub __find_password_store {
my $file = shift;
return if (!defined($file));
if ($file !~ /.gpg$/) {
$file .= '.gpg';
}
# if it's an absolute path then treat it as-is.
return $file if ($file =~ m#^/#);
if (defined($ENV{PASSWORD_STORE_DIR})) {
App-contenttype
view release on metacpan or search on metacpan
script/contenttype view on Meta::CPAN
application/oda oda
application/ogg ogx
application/oxps oxps
application/patch-ops-error+xml xer
application/pdf pdf
application/pgp-encrypted gpg
application/pgp-keys key
application/pgp-keys pkr
application/pgp-keys skr
application/pgp-signature asc
application/pgp-signature pgp
App-locket
view release on metacpan or search on metacpan
lib/App/locket.pm view on Meta::CPAN
file (~/.locket/cfg)
edit Edit the cipherstore
The configuration must have an "edit" value, e.g.:
/usr/bin/vim -n ~/.locket.gpg
/<query> Search the cipherstore for <query> and emit the
resulting secret
The configuration must have a "read" value to
tell it how to read the cipherstore. Only piped
commands are supported today, and they should
be something like:
</usr/local/bin/gpg -q --no-tty -d ~/.locket.gpg'
If the found key in the cipherstore is of the format
"<username>@<site>" then the username will be emitted
first before the secret (which is assumed to be a password/passphrase)
lib/App/locket.pm view on Meta::CPAN
my $plaincfg = $self->plaincfg;
if ( ! defined $plaincfg || $plaincfg =~ m/^\S*$/ ) {
$plaincfg = <<_END_;
%YAML 1.1
---
#read: '</usr/bin/gpg -d <file>'
#read: '</usr/bin/openssl des3 -d -in <file>'
#edit: '/usr/bin/vim -n <file>'
#copy: -
#paste: -
_END_
lib/App/locket.pm view on Meta::CPAN
=head2 Encryption/decryption
App::locket defers actual encryption/decryption to external tools. The choice of the actual
cipher/encryption method is left up to you
If you're using GnuPG, then you could use C<gpg-agent> for passphrase prompting and limited retention
=head2 In-memory encryption
App::locket does not perform any in-memory encryption; once the cipherstore is loaded it is exposed in memory
lib/App/locket.pm view on Meta::CPAN
file (~/.locket/cfg)
edit Edit the cipherstore
The configuration must have an "edit" value, e.g.:
/usr/bin/vim -n ~/.locket.gpg
/<query> Search the cipherstore for <query> and emit the
resulting secret
The configuration must have a "read" value to
tell it how to read the cipherstore. Only piped
commands are supported today, and they should
be something like:
</usr/local/bin/gpg -q --no-tty -d ~/.locket.gpg'
If the found key in the cipherstore is of the format
"<username>@<site>" then the username will be emitted
first before the secret (which is assumed to be a password/passphrase)
lib/App/locket.pm view on Meta::CPAN
=head1 Example configuration file
%YAML 1.1
---
read: '</usr/local/bin/gpg --no-tty --decrypt --quiet ~/.locket.gpg'
edit: '/usr/bin/vim -n ~/.locket.gpg'
=head1 AUTHOR
Robert Krimen <robertkrimen@gmail.com>
App-mailmake
view release on metacpan or search on metacpan
scripts/mailmake view on Meta::CPAN
our $err = stderr( binmode => 'utf-8', autoflush => 1 );
@ARGV = map( Encode::decode_utf8( $_ ), @ARGV );
# NOTE: options dictionary
# Tokens use underscores; Getopt::Class automatically exposes them as dashes on the
# command line. Example: gpg_key_id -> --gpg-key-id
my $dict =
{
# Envelope / headers
from => { type => 'string', alias => [qw( f )], required => 1 },
to => { type => 'array', alias => [qw( t )], required => 1 },
scripts/mailmake view on Meta::CPAN
smtp_password => { type => 'string', alias => [qw( password )] },
smtp_tls => { type => 'boolean', default => 0 }, # SMTPS port 465
smtp_starttls => { type => 'boolean', default => 0 }, # STARTTLS
smtp_timeout => { type => 'integer', default => 30 },
# OpenPGP (Mail::Make::GPG - requires gpg and IPC::Run)
gpg_sign => { type => 'boolean', default => 0 },
gpg_encrypt => { type => 'boolean', default => 0 },
gpg_key_id => { type => 'string' },
gpg_passphrase => { type => 'string' },
gpg_recipients => { type => 'array' }, # defaults to --to if omitted
gpg_digest => { type => 'string', default => 'SHA256' },
gpg_bin => { type => 'string' },
gpg_keyserver => { type => 'string' },
gpg_autofetch => { type => 'boolean', default => 0 },
# S/MIME (Mail::Make::SMIME - requires Crypt::SMIME)
smime_sign => { type => 'boolean', default => 0 },
smime_encrypt => { type => 'boolean', default => 0 },
smime_cert => { type => 'file' }, # signer cert (PEM)
scripts/mailmake view on Meta::CPAN
$LOG_LEVEL = 1 if( $VERBOSE );
$LOG_LEVEL = ( 1 + $DEBUG ) if( $DEBUG );
}
# NOTE: Validate mutually exclusive crypto options
if( $opts->{gpg_sign} || $opts->{gpg_encrypt} )
{
if( $opts->{smime_sign} || $opts->{smime_encrypt} )
{
push( @errors, "Cannot combine --gpg-* and --smime-* options." );
}
}
if( @errors )
{
scripts/mailmake view on Meta::CPAN
$mail->attach_inline( path => "$f" ) || _die( $mail->error );
}
}
# Cryptographic operations
if( $opts->{gpg_sign} || $opts->{gpg_encrypt} )
{
$mail = _apply_gpg( $mail ) || return(0);
}
elsif( $opts->{smime_sign} || $opts->{smime_encrypt} )
{
$mail = _apply_smime( $mail ) || return(0);
}
scripts/mailmake view on Meta::CPAN
}
return( _deliver( $mail ) );
}
# _apply_gpg( $mail ) → $mail (possibly a new object) or undef on error
sub _apply_gpg
{
my $mail = shift( @_ );
my %gpg_opts = (
Digest => $opts->{gpg_digest},
);
$gpg_opts{GpgBin} = $opts->{gpg_bin} if( defined( $opts->{gpg_bin} ) );
$gpg_opts{KeyServer} = $opts->{gpg_keyserver} if( defined( $opts->{gpg_keyserver} ) );
$gpg_opts{AutoFetch} = 1 if( $opts->{gpg_autofetch} );
if( $opts->{gpg_sign} || ( $opts->{gpg_sign} && $opts->{gpg_encrypt} ) )
{
$gpg_opts{KeyId} = $opts->{gpg_key_id} if( defined( $opts->{gpg_key_id} ) );
$gpg_opts{Passphrase} = $opts->{gpg_passphrase} if( defined( $opts->{gpg_passphrase} ) );
}
if( $opts->{gpg_encrypt} )
{
# Default recipients to --to if --gpg-recipients not specified
my $rcpts = $opts->{gpg_recipients};
if( !defined( $rcpts ) || !@{$rcpts} )
{
$rcpts = $opts->{to};
}
unless( defined( $rcpts ) && @{$rcpts} )
{
_die( "GPG encryption requires at least one recipient (--gpg-recipients or --to)." );
}
$gpg_opts{Recipients} = $rcpts;
}
my $result;
if( $opts->{gpg_sign} && $opts->{gpg_encrypt} )
{
_message( 2, "Applying GPG sign+encrypt." );
$result = $mail->gpg_sign_encrypt( %gpg_opts );
}
elsif( $opts->{gpg_encrypt} )
{
_message( 2, "Applying GPG encryption." );
$result = $mail->gpg_encrypt( %gpg_opts );
}
else
{
_message( 2, "Applying GPG signature." );
$result = $mail->gpg_sign( %gpg_opts );
}
unless( defined( $result ) )
{
_message( 1, "<red>GPG operation failed:</> ", $mail->error );
scripts/mailmake view on Meta::CPAN
--subject "Test" --plain "Test" --print
# OpenPGP detached signature
mailmake --from alice@example.com --to bob@example.com \
--subject "Signed" --plain "Signed message." \
--gpg-sign --gpg-key-id FINGERPRINT \
--smtp-host mail.example.com
# OpenPGP sign + encrypt
mailmake --from alice@example.com --to bob@example.com \
--subject "Secret" --plain "Encrypted message." \
--gpg-sign --gpg-encrypt \
--gpg-key-id FINGERPRINT --gpg-passphrase secret \
--smtp-host mail.example.com
# S/MIME signature
mailmake --from alice@example.com --to bob@example.com \
--subject "Signed" --plain "Signed message." \
scripts/mailmake view on Meta::CPAN
Connection and command timeout. Default: 30.
=back
=head2 OpenPGP (requires C<gpg> / C<gpg2> and L<IPC::Run>)
OpenPGP options cannot be combined with S/MIME options.
=over 4
=item B<--gpg-sign>
Sign the message (RFC 3156 C<multipart/signed> with detached ASCII signature).
=item B<--gpg-encrypt>
Encrypt the message (RFC 3156 C<multipart/encrypted>).
C<--gpg-sign> and C<--gpg-encrypt> may be combined for sign-then-encrypt.
=item B<--gpg-key-id> FINGERPRINT
Signing key fingerprint or ID (required when C<--gpg-sign> is used).
=item B<--gpg-passphrase> PASSPHRASE
Passphrase to unlock the secret key. When omitted, C<gpg-agent> is expected to handle passphrase prompting.
=item B<--gpg-recipients> ADDRESS [ADDRESS ...]
Recipient key IDs or e-mail addresses for encryption. Defaults to C<--to> when not specified.
=item B<--gpg-digest> ALGORITHM
Hash algorithm for signatures. Default: C<SHA256>.
Valid values: C<SHA256>, C<SHA384>, C<SHA512>, C<SHA1>.
=item B<--gpg-bin> PATH
Full path to the C<gpg> executable. Defaults to searching C<gpg2> then C<gpg> in C<PATH>.
=item B<--gpg-keyserver> URL
Keyserver URL for auto-fetching recipient keys. Only consulted when C<--gpg-autofetch> is set. Example: C<keys.openpgp.org>
=item B<--gpg-autofetch>
Fetch missing recipient public keys from C<--gpg-keyserver> before encrypting.
=back
=head2 S/MIME (requires L<Crypt::SMIME>)
App-optex-textconv
view release on metacpan or search on metacpan
lib/App/optex/textconv.pm view on Meta::CPAN
=item http
Name start with C<http://> or C<https://> is converted to text data
translated by L<w3c(1)> command.
=item gpg
Invoke L<gpg(1)> command to decrypt encrypted files with C<.gpg>
extention.
=item pandoc
Use L<pandoc|https://pandoc.org/> command to translate Microsoft
App-orgadb
view release on metacpan or search on metacpan
lib/App/orgadb.pm view on Meta::CPAN
if ($filename eq '-') {
binmode STDIN, ":encoding(utf8)";
$doc = $parser->parse(join "", <>);
} else {
local $ENV{PERL_ORG_PARSER_CACHE} = $ENV{PERL_ORG_PARSER_CACHE} // 1;
if ($filename =~ /\.gpg\z/) {
require IPC::System::Options;
my $content;
IPC::System::Options::system(
{log=>1, capture_stdout=>\$content, die=>1},
"gpg", "-d", $filename);
$doc = $parser->parse($content);
} else {
$doc = $parser->parse_file($filename);
}
}
App-remarkpl
view release on metacpan or search on metacpan
lib/App/remarkpl/public/remark.min.js view on Meta::CPAN
},a={className:"params",begin:/\(/,end:/\)/,excludeBegin:!0,excludeEnd:!0},r={className:"symbol",variants:[{begin:/\=[lgenxc]=/},{begin:/\$/}]},s={className:"comment",variants:[{begin:"'",end:"'"},{begin:'"',end:'"'}],illegal:"\\n",contains:[e.BACKSL...
},{begin:":\\s*"+t}]}]}}},{name:"hsp",create:function(e){return{case_insensitive:!0,lexemes:/[\w\._]+/,keywords:"goto gosub return break repeat loop continue wait await dim sdim foreach dimtype dup dupptr end stop newmod delmod mref run exgoto on mca...
},contains:[t,{className:"keyword",begin:"\\bend\\sif\\b"},{className:"function",beginKeywords:"function",end:"$",contains:[t,s,e.APOS_STRING_MODE,e.QUOTE_STRING_MODE,e.BINARY_NUMBER_MODE,e.C_NUMBER_MODE,r]},{className:"function",begin:"\\bend\\s+",e...
contains:[{className:"comment",begin:/\(\*/,end:/\*\)/},e.APOS_STRING_MODE,e.QUOTE_STRING_MODE,e.C_NUMBER_MODE,{begin:/\{/,end:/\}/,illegal:/:/}]}}},{name:"matlab",create:function(e){var t=[e.C_NUMBER_MODE,{className:"string",begin:"'",end:"'",contai...
illegal:"</",contains:[e.C_NUMBER_MODE,e.APOS_STRING_MODE,e.QUOTE_STRING_MODE,{className:"string",begin:"`",end:"`",contains:[e.BACKSLASH_ESCAPE]},{begin:"[\\$\\%\\@](\\^\\w\\b|#\\w+|[^\\s\\w{]|{\\w+}|\\w+)"},e.C_LINE_COMMENT_MODE,e.C_BLOCK_COMMENT_M...
contains:[i]});return{aliases:["ps"],lexemes:/-?[A-z\.\-]+/,case_insensitive:!0,keywords:{keyword:"if else foreach return function do while until elseif begin for trap data dynamicparam end break throw param continue finally in switch exit filter try...
},{className:"meta",begin:"#\\!?\\[",end:"\\]",contains:[{className:"meta-string",begin:/"/,end:/"/}]},{className:"class",beginKeywords:"type",end:";",contains:[e.inherit(e.UNDERSCORE_TITLE_MODE,{endsParent:!0})],illegal:"\\S"},{className:"class",beg...
literal:"true false nil"},contains:[e.C_LINE_COMMENT_MODE,e.C_BLOCK_COMMENT_MODE,e.NUMBER_MODE,a,t.preprocessor],illegal:/#/}}},{name:"sql",create:function(e){var t=e.COMMENT("--","$");return{case_insensitive:!0,illegal:/[<>{}*#]/,contains:[{beginKey...
return{aliases:["styl"],case_insensitive:!1,keywords:"if else for in",illegal:"("+o.join("|")+")",contains:[e.QUOTE_STRING_MODE,e.APOS_STRING_MODE,e.C_LINE_COMMENT_MODE,e.C_BLOCK_COMMENT_MODE,a,{begin:"\\.[a-zA-Z][a-zA-Z0-9_-]*"+i,returnBegin:!0,cont...
built_in:"ip eip rip al ah bl bh cl ch dl dh sil dil bpl spl r8b r9b r10b r11b r12b r13b r14b r15b ax bx cx dx si di bp sp r8w r9w r10w r11w r12w r13w r14w r15w eax ebx ecx edx esi edi ebp esp eip r8d r9d r10d r11d r12d r13d r14d r15d rax rbx rcx rdx...
"atelier-lakeside-light":".hljs-atelier-lakeside-light .hljs-comment,.hljs-atelier-lakeside-light .hljs-quote{color:#5a7b8c}.hljs-atelier-lakeside-light .hljs-variable,.hljs-atelier-lakeside-light .hljs-template-variable,.hljs-atelier-lakeside-light ...
App-revealup
view release on metacpan or search on metacpan
share/revealjs/package-lock.json view on Meta::CPAN
}
},
"node_modules/read-pkg-up/node_modules/find-up": {
"version": "1.1.2",
"resolved": "https://registry.npmjs.org/find-up/-/find-up-1.1.2.tgz",
"integrity": "sha1-ay6YIrGizgpgq2TWEOzK1TyyTQ8=",
"dev": true,
"dependencies": {
"path-exists": "^2.0.0",
"pinkie-promise": "^2.0.0"
},
share/revealjs/package-lock.json view on Meta::CPAN
},
"dependencies": {
"find-up": {
"version": "1.1.2",
"resolved": "https://registry.npmjs.org/find-up/-/find-up-1.1.2.tgz",
"integrity": "sha1-ay6YIrGizgpgq2TWEOzK1TyyTQ8=",
"dev": true,
"requires": {
"path-exists": "^2.0.0",
"pinkie-promise": "^2.0.0"
}
Arepa
view release on metacpan or search on metacpan
install_arepa.pl view on Meta::CPAN
open F, ">>$repo_dists_conf";
close F;
chown($uid, $gid, $repo_dists_conf);
symchmod("g+w", $repo_dists_conf);
my $gpg_dir = $config->get_key("web_ui:gpg_homedir");
print "Creating GPG directory in $gpg_dir\n";
mkpath($gpg_dir);
chown($web_uid, $web_gid, $gpg_dir);
chmod(0700, $gpg_dir);
my $gpg_options = File::Spec->catfile($config->get_key("web_ui:gpg_homedir"),
"options");
if (! -f $gpg_options) {
print "Creating options file $gpg_options\n";
my $keyrings_dir =
File::Spec->catfile(dirname($config->get_key("web_ui:gpg_homedir")),
"keyrings");
mkpath($keyrings_dir);
chown($uid, $gid, $keyrings_dir);
symchmod("g+w", $keyrings_dir);
open F, ">$gpg_options";
print F "keyring $keyrings_dir/uploaders.gpg\n";
close F;
chown($uid, $gid, $gpg_options);
symchmod("g+w", $gpg_options);
}
( run in 2.047 seconds using v1.01-cache-2.11-cpan-e1769b4cff6 )