From d5b649f80aaf28536c739163c74ac5b7a549a62c Mon Sep 17 00:00:00 2001
From: François Kooman <fkooman@tuxed.net>
Date: Jun 07 2020 10:21:14 +0000
Subject: update to 0.9

verify source tarball (when not bootstrapping)
do not strip binary during build

---

diff --git a/.gitignore b/.gitignore
index 8dd060f..6ccec9b 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,3 @@
 /minisign-0.8.tar.gz
+/minisign-0.9.tar.gz
+/minisign-0.9.tar.gz.minisig
diff --git a/minisign.spec b/minisign.spec
index d92f427..d09ac2b 100644
--- a/minisign.spec
+++ b/minisign.spec
@@ -1,23 +1,35 @@
+%bcond_with bootstrap
+
+%global public_key RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3
+
 Name:           minisign
-Version:        0.8
-Release:        4%{?dist}
+Version:        0.9
+Release:        1%{?dist}
 Summary:        A dead simple tool to sign files and verify digital signatures
 License:        ISC
 URL:            https://github.com/jedisct1/minisign
-Source0:        %{url}/archive/%{version}/%{name}-%{version}.tar.gz
+Source0:        %{url}/releases/download/%{version}/minisign-%{version}.tar.gz
+Source1:        %{url}/releases/download/%{version}/minisign-%{version}.tar.gz.minisig
 
 BuildRequires:  libsodium-devel
 BuildRequires:  cmake
 BuildRequires:  gcc
+%if %{without bootstrap}
+BuildRequires:  minisign
+%endif
 
 %description
 Minisign is a dead simple tool to sign files and verify signatures.
 
 %prep
+%if %{without bootstrap}
+/usr/bin/minisign -V -m %{SOURCE0} -x %{SOURCE1} -P %{public_key}
+%endif
+
 %autosetup
 
 %build
-%cmake .
+%cmake -DCMAKE_STRIP=0 .
 %make_build
 
 %install
@@ -30,6 +42,11 @@ Minisign is a dead simple tool to sign files and verify signatures.
 %doc README.md
 
 %changelog
+* Sun Jun 07 2020 François Kooman <fkooman@tuxed.net> - 0.9-1
+- update to 0.9
+- verify source tarball (when not bootstrapping)
+- do not strip binary during build
+
 * Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.8-4
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
 
diff --git a/sources b/sources
index 5bcfbae..b2fcb76 100644
--- a/sources
+++ b/sources
@@ -1 +1,2 @@
-SHA512 (minisign-0.8.tar.gz) = 79bf626d0c15e39ce3bdf53600038028c0b22904b648074bf516a9ea6962c9486c41244e80637a5fbac090cce1ed9b4b3d57b8a02632646e01b43aa413cd8bd9
+SHA512 (minisign-0.9.tar.gz) = 1934ef5d4d35e1f19483814513059d799432d1d759666e5c087ff918e3a55916719276357bcf5bd2418f80e613d590405b74d3fa3cf60cb2f7d089af6fc06585
+SHA512 (minisign-0.9.tar.gz.minisig) = 7fad01dde38a197b0518d737ef8685e8b2bf70c8b3d3741a4f2c41c825be9e12a9d92ffcfa3ba46c79ed3c1d26662a0b9db0ebbe85670058c50f7f8256628be1