debsig-verify - Debian package signature verification tool

This tool inspects and verifies binary package digital signatures based
on predetermined policies, complementing repository signatures or allowing
to verify the authenticity of a package even after download when detached
from a repository.


Releases
--------

The current legacy, stable and development releases can be found at:

  <https://deb.debian.org/debian/pool/main/d/debsig-verify/>

For older releases check:

  <https://snapshot.debian.org/package/debsig-verify/>


Mailing List
------------

The subscription interface and web archives can be found at:

  <https://lists.debian.org/debian-dpkg/>

The mailing list address is (no subscription required to post):

  debian-dpkg@lists.debian.org


Source Repository
-----------------

The primary repository can be browsed and cloned from:

  <https://git.dpkg.org/cgit/dpkg/debsig-verify.git>


Building from git source
------------------------

To prepare the debsig-verify source tree from git before starting the build
process some required software needs to be installed:

  GNU autoconf >= 2.60
  GNU automake >= 1.11

After installing the needed software, and running the following command on
the git tree:

  $ ./autogen

the source should be roughly equivalent to the distributed tar source.


Building from source
--------------------

The minimum software required to configure and build debsig-verify from a
tarball is:

  C99 compiler
  GNU make
  pkgconf
  libdpkg-dev
  libexpat1-dev

The build process is done by running the usual «./configure; make check».
To see all available configuration options please run «./configure --help».