Introduction
The openpgp go package has been deprecated since 2021.
And it doesn't support ed25519 keys.
I ran into this because I followed the directions for creating a ruleset, but used an ed25519 key to sign it, and then tflint couldn't check the signature.
Proposal
Do one of the following:
- Stabilize "keyless verification", and promote using that.
- Replace the PGP signature method with another signature method (posibly using ed25519 directly)
- Use a different PGP library that is actually maintained.
Introduction
The openpgp go package has been deprecated since 2021.
And it doesn't support ed25519 keys.
I ran into this because I followed the directions for creating a ruleset, but used an ed25519 key to sign it, and then tflint couldn't check the signature.
Proposal
Do one of the following: