Tags give the ability to mark specific points in history as being important
  • 46c6d93   2.2.3 release
  • 2.2.3   monkeysign Debian release 2.2.3
  • 2.2.2   2.2.2 release
    39945fab · prepare 2.2.2 release ·
  • 2.2.1   fix reproducible builds and CI again
    3f15bfaf · fix trove classifier ·
  • 2.2.0   tor support

    I have just released Monkeysign 2.2.0. This release was made to support Tor and fix a few issues with the build system. This deprecates the 2.1.x branch, see the branches status page for more detailed information on supported branches. Note that the full change log is now available online, in the history section.

    Monkeysign is a user-friendly tool to easily and securely exchange OpenPGP key certifications. See the homepage for more information.

    As usual, to install Monkeysign, see the install documentation. If you are interested in contributing to the project, you can find more information in the new contributing section. Finally, see the usage section for more information about how to use Monkeysign.

    Happy signing!

  • 2.1.4   GnuPG 2.1 support, --local = --nomail, --test, CI * complete GnuPG 2.1 support * --local implies --no-mail * ship tests with program, accessible with --test * stop hardcoding version numbers * enable Debian CI builds

    I have just released Monkeysign 2.1.4. This important release marks the first release to fully support GnuPG 2.1. Those paying attention will also notice ta 2.1.3 was not announced here: it was a Debian-only release that aimed to fix build errors on Debian's infrastructure so I didn't feel it was important to announce it here.

    I am still allowing a few non-critical changes, in the hope of easing diagnostics and support in the future. Here is the full list of changes:

    • --local now implies --no-mail (Closes: #719242)
    • ship tests with program, accessible with --test parameter
    • stop hardcoding version numbers in code, use setuptools-scm instead
    • enable tests at build time and Debian CI (autopkgtest)
    • complete GnuPG 2.1 support: test suite now passes!

    Monkeysign is a user-friendly tool to easily and securely exchange OpenPGP key certifications. See the homepage for more information.

    As usual, to install Monkeysign, see the install documentation. If you are interested in contributing to the project, you can find more information in the new contributing section. Finally, see the usage section for more information about the new features of Monkeysign 2.1.x.

    Happy signing!

  • 2.1.3   fix build in Debian sid
    6c60688a · prepare new release ·
  • 2.1.2   reroll 2.1.1 release with properly set internal version
  • 2.1.1   fix upgrades from 2.1.0 and update documentation

    this release was retired because of a mistake in the release process: the version number wasn't bumped internally, so it looks like 2.1.0 in --version. 2.1.2 supercedes this release.

  • 2.1.0   monkeysign 2.1.0 * new minor release for new features and lots of bugfixes, outline: * GnuPG 2.1 support * better handling of corner cases (revoked or expired key material, large webcams) and better error messages) * better SMTP support (no cleartext, SSMTP) * move everything to 0xACAB.org to ease collaboration * expand and convert documentation to reStructured Text and ship it in a -doc package * command to sendmail customizable through --mta (message piped through stdin) or --mua (encrypted key attached on the commandline) * space-separated fingerprints allowed for -u, which means -u needs to be separated from the signed fingerprint with -- now * configuration file support, which is written with --save * crude preferences window in GUI * detailed changelog below - this is the result of 2 years of work!

    The 2.1.0 release was published today to Debian unstable and (a novelty) on PyPI. This release fixes numerous bugs and implements a bunch of new features as well. The most notable features are support for third-party email clients, configuration files and preliminary GnuPG 2.1 support. Key bugfixes include better handling of revoked and expired key material that has been plaguing us for years.

    The complete changelog is available on the new collaborative Gitlab platform hosted at 0xACAB.org, along with a new issue queue. The documentation was also completely revamped and moved to ReadTheDocs.io. It is also shipped in a -doc Debian package for offline viewing.

    The bugfixes have unfortunately not been integrated in the 2.0.x branch, which means that Debian Jessie and derivatives will probably not see those updates unless someone goes through the painstaking process of picking and backporting specific patches to fix various issues. Furthermore, it is not yet completely clear that all those issues are fixed, so I will wait until the 2.1.x branch matures before attempting such a backport. In particular, it is possible the GnuPG 2.1 support may still be lacking, see issue #9 for more information about this epic battle.

    Around 10 different people contributed to this release, including 4 new translators, 4 new developers and a new documentation person! It is hoped that the new collaborative platform will make new contributions more easily shared and discussed and will bring new maintainers to the project. Those people are now documented in a special section of the program, hopefully I haven't forgotten anyone.

    To install Monkeysign, see the completely revamped install documentation. If you are interested in contributing to the project, you can find more information in the new contributing section. And we have started a new usage manual that would welcome your review, feedback and improvements.

    Enjoy this new release of Monkeysign!

  • 2.0.2   monkeysign (2.0.2) unstable; urgency=medium * this patch releases fixes critical issues... * reported in the Debian BTS: * encode prompt properly before prompting (closes #771032) * try to handle error when import actually works in GTK UI (closes #770900) * improve debugging by wrapping all writes to gnupg in debug * use the proper index when selecting key to sign (closes #771034) * reported on the Monkeysphere mailing list: * hotfix: properly verify the image signature file * hotfix: disable scrolling in qrcode window * don't try to remove non-existent video device, and clarify error message * output --version to stdout and don't make it an error * those fix FTBS issues: * fix tests after cd4e18c: guess encoding properly * update zack's key so tests succeed again * and this makes sure this package will be easier to support for the lifetime of jessie * improve error handling again: distinguish different failure cases and clearly transmit GPG errors -- Antoine Beaupré <anarcat@debian.org> Mon, 01 Dec 2014 21:03:56 -0500
  • 2.0.1   monkeysign (2.0.1) unstable; urgency=medium * hot patch release while we still can before jessie: * fix tests under GnuPG 2.x * improve usage to clarify -u, --cert-level and --to * fix version number to include patch release * explicitely set debian/copyright version -- Antoine Beaupré <anarcat@debian.org> Mon, 20 Oct 2014 22:24:37 -0400
  • 2.0.0   monkeysign (2.0.0) unstable; urgency=medium * new features: * implement qrcode image import, to allow people without webcams to import pictures from a trusted camera - the images must be signed with a detached signature on pain of a ugly warning with instructions. * move to bugs-everywhere instead of that crazy TODO file * udate french translation * usability improvements: * interface simplified: only the qrcode and webcam with instructions * all options moved to menus, including the print/save buttons, the video and identity dropdowns * properly handle exceptions in gtk UI * avoid duplicate camera listing and display nicer name (Closes: #718796) * create a set of mockups for a UI redesign and API documentation rendered at http://monkeysign.readthedocs.org/ * bug fixes: * fix "Content-description" to be more useful (Closes: #723677) * support monkeysign --version", thanks to Gabriel Fillion (Closes: #725113) * add debugging info from smtp connection, thanks to Gabriel Filion (Closes: #756540) * some improvements were done in the GnuPG library to work around certain GnuPG corner cases and describe problems better * switch to long term support strategy for the 2.0.x release in preparation for Debian Jessie -- Antoine Beaupré <anarcat@debian.org> Sat, 18 Oct 2014 13:25:54 -0400
  • 1.2   monkeysign (1.2) unstable; urgency=medium * improve python 3 compatibility, partially (Closes: #725059) * update translation strings * spanish translation, thanks to lilbit * partial french translation * Czech translation, thanks to Michal Čihař * Bug fix: "build_slides fails of two reasons", thanks to Felix Dreissig (Closes: #738731). * Bug fix: "build_manpage only works because of PyGTK encoding changes", thanks to Felix Dreissig (Closes: #738730). * Bug fix: "build_trans fails if called seperately", thanks to Felix Dreissig (Closes: #738732). -- Antoine Beaupré <anarcat@debian.org> Thu, 28 Aug 2014 20:23:57 -0700
    7d692d38 · properly configure gbp ·
  • 1.1   monkeysign (1.1) unstable; urgency=low [Antoine Beaupré] * improved SMTP support: * SMTP username and passwords can be passed as commandline arguments * SMTP password is prompted if not specified * use STARTTLS if available * enable SMTP debugging only debugging is enabled * show the unencrypted email with --no-mail (Closes: #720049) * warn when gpg-agent is not running or failing (Closes: #723052) * set GPG_TTY if it is missing (Closes: #719908) * bail out on already signed keys (Closes: #720055) * mention monkeyscan in the package description so it can be found more easily * fix python-pkg-resources dependency * don't show backtrace on control-c * add missing files to .gitignore (Closes: #724007) * ship with a neat little slideshow to make presentations [Philip Jägenstedt] * fix some typos (Closes: #722964) * add --cert-level option (Closes: #722740) -- Antoine Beaupré <anarcat@debian.org> Tue, 01 Oct 2013 00:22:30 +0200
  • 1.0   monkeysign (1.0) unstable; urgency=low * stop copying secrets to the temporary keyring * make sure we use the right signing key when specified * signatures on multiple UIDs now get properly sent separately (Closes: #719241) * this includes "deluid" support on the gpg library * significantly refactor email creation * improve unit tests on commandline scripts, invalid (revoked) keys and timeout handling * provide manpages (Closes: #716674) * avoid showing binary garbage on export when debugging * properly fail if password confirmation fails * user interfaces now translatable * accept space-separated key fingerprints * fix single UID key signing * proper formatting of UIDs with comments (removed) and spaces (wrapped) for emails -- Antoine Beaupré <anarcat@debian.org> Wed, 14 Aug 2013 20:51:44 -0400
  • 0.9   monkeysign (0.9) unstable; urgency=low * refactor unit tests again to optimise UI tests and test mail generation * fix error handling in encryption/decryption (Closes: #717622) * rename msign-cli to monkeysign and msign to monkeyscan (Closes: #717623) * handle interruptions cleanly when choosing user IDs (see: #716675) -- Antoine Beaupré <anarcat@debian.org> Tue, 23 Jul 2013 10:56:50 -0400
  • 0.8   monkeysign (0.8) unstable; urgency=low * refactor unit test suite to allow testing the commandline tool interactively * don't fail on empty input when choosing uid (Closes: #716675) * we also explain how to refuse signing a key better * optimise network tests so they timeout (so fail) faster -- Antoine Beaupré <anarcat@debian.org> Wed, 17 Jul 2013 22:52:02 -0400
    a9d81360 · prepare 0.8 ·
  • 0.7.1   monkeysign (0.7.1) unstable; urgency=low * fix binary package dependency on python * update to debhelper 9 * update to standards 3.9.4, no change -- Antoine Beaupré <anarcat@debian.org> Sun, 07 Jul 2013 09:58:56 -0400
    da1e3f70 · fix python build ·
  • 0.7   monkeysign (0.7) unstable; urgency=low * fix crash when key not found on keyservers * use a proper message in outgoing emails * unit tests extended to cover user interface * import keys from the local keyring before looking at the keyserver * fix print/save exports (thanks Simon!) * don't depend on a graphical interface * update copyright dates and notices * mark as priority: optional instead of extra -- Antoine Beaupré <anarcat@debian.org> Sat, 06 Jul 2013 01:07:28 -0400
    bb3ead27 · update release time ·