Version 2.2 ()

Packages:
Checking the signatures:
  • Import the gpg key:
    $ gpg --keyserver ha.pool.sks-keyservers.net --recv-keys A9AB5AB778FA5C3522FD0378F82F4B16DEC408F8
  • Display the fingerprint:
    $ gpg --fingerprint A9AB5AB778FA5C3522FD0378F82F4B16DEC408F8
  • Check that the fingerprint is correct by asking to a developer on #weechat (chat.freenode.net).
  • Trust the key:
    $ gpg --edit-key A9AB5AB778FA5C3522FD0378F82F4B16DEC408F8
    gpg> trust
  • In directory with package + signature:
    $ gpg --verify weechat-2.2.tar.xz.asc weechat-2.2.tar.xz
  • If the signature is OK you should see a message like this one:
    gpg: Signature made Sat 20 Oct 2012 07:36:35 PM CEST using RSA key ID DEC408F8
    gpg: Good signature from "WeeChat (signing key) <webmaster@weechat.org>"