ghaction-import-gpg
ghaction-import-gpg copied to clipboard
GitHub Action to import a GPG key
Bumps [openpgp](https://github.com/openpgpjs/openpgpjs) from 5.3.1 to 5.4.0. Release notes Sourced from openpgp's releases. v5.4.0 Fix CleartextMessage signature generation over text with trailing whitespace and \r\n line endings (#1548) Throw in encryptSessionKey...
Bumps [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core) from 1.9.0 to 1.9.1. Changelog Sourced from @actions/core's changelog. 1.9.1 Randomize delimiter when calling core.exportVariable Commits See full diff in compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@actions/core&package-manager=npm_and_yarn&previous-version=1.9.0&new-version=1.9.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve...
### Behaviour #### Steps to reproduce this issue 1. Create a key with subkeys. 2. Add a subkey for signing using ecdsa. 3. Add a subkey for signing using RSA....
### Behaviour When multiple runners on the same machine simultaneously run a job using this action it often happens that this action's cleanup in one runner will clean the key...
### Behaviour When I use this action to set up gpg, it imports the private key just fine, but it doesn't set any trust. For the deployment that I am...
### Behaviour Post-cleanup GPG action fails if the same key is imported twice. This generates unnecessary warning that is not possible to correct from the user's perspective. Some background: I...
For users that use gpg keys for ssh auth, it would be amazing if this action also set up for forwarding of ssh-agent to gpg-agent such that we could use...
Bumps [ip](https://github.com/indutny/node-ip) from 2.0.0 to 2.0.1. Commits 3b0994a 2.0.1 32f468f lib: fixed CVE-2023-42282 and added unit test See full diff in compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ip&package-manager=npm_and_yarn&previous-version=2.0.0&new-version=2.0.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any...
Bumps [openpgp](https://github.com/openpgpjs/openpgpjs) from 5.11.0 to 5.11.1. Commits 026b348 5.11.1 711c418 Run npm audit a4e2c56 Use JS fallback code for RSA message decryption in Node if PKCS#1 is not supp... 7a6b41f...
This was easy to miss during the process of setting up the action, and it would have been nice for it to be more explicit when we were setting this...