Skip to content

feat(config)!: replace kbpgp with gpg CLI #37147

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 5 commits into
base: main
Choose a base branch
from
Open

feat(config)!: replace kbpgp with gpg CLI #37147

wants to merge 5 commits into from
+141 −205

Conversation

viceice
Copy link
Member

@viceice viceice commented Jul 24, 2025

Changes

Replace the kbpgp with the gnupg cli.
It's a little slower than the js variant.

Context

Documentation (please check one with an [x])

  • I have updated the documentation, or
  • No documentation update is required

How I've tested my work (please select one)

I have verified these changes via:

  • Code inspection only, or
  • Newly added/modified unit tests, or
  • No unit tests but ran on a real repository, or
  • Both unit tests + ran on a real repository

@viceice viceice requested review from rarkins and secustor July 24, 2025 14:23
@viceice viceice added ci:allow-undesirable Skip the undesirable files CI check and removed ci:allow-undesirable Skip the undesirable files CI check labels Jul 24, 2025
astellingwerf
astellingwerf reviewed Jul 24, 2025
View reviewed changes
astellingwerf
astellingwerf reviewed Jul 24, 2025
View reviewed changes
@viceice
fix: quote file paths to allow spaces
d489c01 
Can maybe happen on windows when temp is pointing to a path with whitespace.
secustor
secustor previously approved these changes Jul 25, 2025
View reviewed changes
rarkins
rarkins suggested changes Jul 25, 2025
View reviewed changes
Copy link
Contributor

@rarkins rarkins left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We need to decide if this is breaking or not

@rarkins rarkins changed the title feat(config): replace kbpgp with gnupg feat(config): replace kbpgp with gpg CLI Aug 12, 2025
rarkins
rarkins suggested changes Aug 12, 2025
View reviewed changes
Copy link
Contributor

@rarkins rarkins left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we make this a breaking change and bump a major release?

@rarkins rarkins changed the title feat(config): replace kbpgp with gpg CLI feat(config)!: replace kbpgp with gpg CLI Aug 13, 2025
@viceice viceice added the breaking Breaking change, requires major version bump label Aug 14, 2025
@viceice viceice added this to the v42 milestone Aug 14, 2025
@viceice viceice requested a review from rarkins August 14, 2025 08:08
@viceice viceice mentioned this pull request Sep 18, 2025
Open
jamietanna
jamietanna reviewed Oct 16, 2025
View reviewed changes
package.json
"@pnpm/parse-overrides": "1001.0.2",
"@qnighy/marshal": "0.1.3",
"@renovatebot/detect-tools": "1.1.0",
"@renovatebot/kbpgp": "4.0.1",
Copy link
Contributor

@jamietanna jamietanna Oct 16, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is it worth then deprecating this library? Looks like it's only Renovate using it: https://deps.dev/npm/%40renovatebot%2Fkbpgp/4.0.3/dependents

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

sure, but i'm thinking of using https://github.com/renovatebot/pgp (dotnet wasm variant) instead of the cli 🤔

@ianlewis ianlewis mentioned this pull request Oct 20, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jamietanna jamietanna jamietanna left review comments

@secustor secustor secustor left review comments

+2 more reviewers

@astellingwerf astellingwerf astellingwerf left review comments

@rarkins rarkins rarkins approved these changes

Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

breaking Breaking change, requires major version bump

Projects

None yet

Milestone

v42

Development

Successfully merging this pull request may close these issues.

Replace openpgp with gpg cli

5 participants

@viceice @astellingwerf @jamietanna @rarkins @secustor