PGPainless 1.0.5

DFix KeyRingInfo.getValidAndExpiredUserIds considering unbound user-ids as valid
2025-09-14 12:49:39 +02:00 · 2022-03-15 15:33:52 +01:00 · 2022-03-15 15:30:41 +01:00
4 changed files with 10 additions and 2 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -5,6 +5,9 @@ SPDX-License-Identifier: CC0-1.0
 # PGPainless Changelog
 ## 1.0.5
 - Security: Fix `KeyRingInfo.getValidAndExpiredUserIds()` accidentally including unbound user-ids
 ## 1.0.4
 - Yet another patch for faulty ASCII armor detection 😒
--- a/README.md
+++ b/README.md
@ -186,7 +186,7 @@ repositories {
 }
 dependencies {
-	implementation 'org.pgpainless:pgpainless-core:1.0.4'
+	implementation 'org.pgpainless:pgpainless-core:1.0.5'
 }
 ```
--- a/pgpainless-core/src/main/java/org/pgpainless/key/info/KeyRingInfo.java
+++ b/pgpainless-core/src/main/java/org/pgpainless/key/info/KeyRingInfo.java
@ -346,6 +346,11 @@ public class KeyRingInfo {
            PGPSignature certification = signatures.userIdCertifications.get(userId);
            PGPSignature revocation = signatures.userIdRevocations.get(userId);
            // Unbound user-id
            if (certification == null) {
                continue;
            }
            // Not revoked -> valid
            if (revocation == null) {
                probablyExpired.add(userId);
--- a/version.gradle
+++ b/version.gradle
@ -5,7 +5,7 @@
 allprojects {
    ext {
        shortVersion = '1.0.5'
-        isSnapshot = true
+        isSnapshot = false
        pgpainlessMinAndroidSdk = 10
        javaSourceCompatibility = 1.8
        bouncyCastleVersion = '1.70'
Author	SHA1	Message	Date
Paul Schaub	2598123948	PGPainless 1.0.5	2022-03-15 15:33:52 +01:00
Paul Schaub	82fb93eea3	DFix KeyRingInfo.getValidAndExpiredUserIds considering unbound user-ids as valid	2022-03-15 15:30:41 +01:00