* close opened file handles
* don't create QFile objects that are never used
* check for locality as it must with the current implementation be local files we're checking
* get rid of the unhelpful Private class method and merge it into the main class method
* don't append .asc to the packagePath accidentally when making the sig path
it was like pulling on a thread in a sweater: the changes just kept rolling
into each other...
* don't load all the keys at start, just cache them as they are requested
* use GpgContext::key to get the key for us rather than looping through all keys
* fix SignedBy so it doesn't say a key is signed by every other key(!)
* FullTrus*t*ed
this should not be writable by the user, but is readable. safer than
picking the first dir that matches ... which would usually be in the
user's own dir. *facepalm*
Make really really sure the user wants to install the widget on his
system. Indeed, they're scripted and the user might not trust the source
so provide some information on them and the ability to cancel the
action.
Implementation wise it uses a KMessageBox from a job which is really not
great but the best we can do so far (remote widget support needs a
refactoring to be able to improve that). Also, the bad bad man forced
me to use a HTML table in the message box label to align properly the
information... yes, aseigo, looking at you... the 90s are calling their
HTML tables back!
Get the original package metadata's icon and inject this information
into the package metadata that is going to be sent to the remote targets.
This way we are able to use the icon in several UIs which makes things
more beautiful ;)
CCMAIL:ervin@kde.org
Signed-off-by: Artur Duque de Souza <asouza@kde.org>
