Skip to content

pacman-key: Don't check gpg's trustdb after each key revocation

The trustdb is marked as dirty when a key is revoked[1] and GPG will recheck it the next time. Checking the trustdb can take 300-500ms which with 52 revoked keys (and counting) adds up.

This is very noticeable when initializing and populating pacman's keyring like archiso is doing[2]. It is also unnecessary as the trustdb is always checked as the last step when populating the keyring.

[1] https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob;f=g10/keyedit.c;h=1cb62de8a87a823e06b2ed74efdc9e7a4cd99e2b;hb=refs/heads/STABLE-BRANCH-2-2#l6509 [2] archlinux/archiso#191 (closed)

Edited by Kristian Klausen

Merge request reports

Loading