[05:53:22] <dol-sen> SPEC requirements......: 218 [05:53:23] <dol-sen> ============================= [05:53:23] <dol-sen> SPEC Approved..........: 81 Given that enforcing the spec doesn't seem to be going well, maybe it's time to start enforcing it infra side. I'm thinking of: 1. Big fat warning on mailing list (-core?). 2. Warn about it to devs while pushing for 4 weeks. 3. Afterwards, explicitly exclude all keys that don't match the spec (i.e. reject pushes).
YES!!!! I agree fully gkeys-ldap update-seeds.sh script is automated to the point of only requiring manual ssh key password and gkeys gpg key password. from there gkeys install-key -C gentoo-devs && gkeys spec-check -C gentoo-devs for a full report, but individual devs can also be queried. I posted an email to -core with the complete spec-check report so all devs can look up their own key in that list.
I've actually created a trivial tool that works out of the box and doesn't carry all the historical baggage [1]. It works in the existing system, and is trivial to use: glep63-check -k KEYID Returns 0 for valid, 1 for not meeting minimal requirements. [1]:https://github.com/mgorny/glep63-check
