From 66998ed3d299bede651ad40368bdb270f5f5b0f9 Mon Sep 17 00:00:00 2001
From: Julian Andres Klode <julian.klode@canonical.com>
Date: Wed, 28 Feb 2024 17:04:05 +0100
Subject: Temporarily downgrade key assertions to "soon worthless"

This will only issue warnings instead of errors while we continue
cleaning up our repositories.
---
 methods/gpgv.cc | 9 +--------
 1 file changed, 1 insertion(+), 8 deletions(-)

(limited to 'methods')

diff --git a/methods/gpgv.cc b/methods/gpgv.cc
index 20ef2861d..e465c3595 100644
--- a/methods/gpgv.cc
+++ b/methods/gpgv.cc
@@ -253,14 +253,7 @@ string GPGVMethod::VerifyGetSigners(const char *file, const char *outfile,
 	 auto const asserted = atoi(tokens[1].c_str());
 	 auto const pkstr = tokens[2];
 	 if (not asserted)
-	 {
-	    std::string reason;
-	    strprintf(reason, _("untrusted public key algorithm: %s"), pkstr.c_str());
-	    Signers.Worthless.push_back({fpr, reason});
-	    Signers.Good.erase(std::remove_if(Signers.Good.begin(), Signers.Good.end(), [&](std::string const &goodsig)
-					      { return IsTheSameKey(fpr, goodsig); }),
-			       Signers.Good.end());
-	 }
+	    Signers.SoonWorthless.push_back({fpr, pkstr});
       }
       else if (strncmp(buffer, GNUPGGOODSIG, sizeof(GNUPGGOODSIG)-1) == 0)
 	 PushEntryWithKeyID(Signers.Good, buffer, Debug);
-- 
cgit v1.2.3-70-g09d2