don't bypass the web of trust (#378) (#379)

* don't bypass the web of trust (#378) the choice whether to use a web of trust and on which trust level is up to the user of PGP/GPG and must not be overriden by tools that are set on top users can decide to ignore this safety net by setting their gpg.conf adequately, defining an alias for `gpg --trust-model=always` or passing the env GPG to blackbox in this way but we should not override their preferences hardcoded * update README add note about the web of trust * fix broken test assume that we have `--quick-generate-key` if we run gpg2 instead of doing a dry run for that (which has side effects that break the test)
2025-12-15 11:03:01 +02:00 · 2024-01-17 14:23:09 +01:00
parent 0e602cf18c
commit 3a137a4a17
4 changed files with 17 additions and 9 deletions
--- a/integrationTest/ithelpers.go
+++ b/integrationTest/ithelpers.go
@@ -421,13 +421,8 @@ Expire-Date: 0

 func hasQuick(t *testing.T) bool {
 	testing.Init()
-	fmt.Println("========== Do we have --quick-generate-key?")
-	err := bbutil.RunBash("gpg2",
-		"--dry-run",
-		"--quick-generate-key",
-		"--batch",
-		"--passphrase", "",
-		"foo", "rsa", "encr")
+	fmt.Println("========== Do we run gpg2?")
+	err := bbutil.RunBash("gpg2", "--version")
 	fmt.Println("========== Done")
 	if err == nil {
 		return true