Don't run gpg when loading package.el

* lisp/emacs-lisp/package.el (package-check-signature): Don't run gpg on startup, but just default to `allow-unsigned'. (package-check-signature): New function to check whether a OpenPGP configuration is found when `allow-unsigned'. (package--check-signature-content, package--check-signature) (package--download-one-archive, package-refresh-contents) (package-install-from-archive): Use function instead of variable throughout. * doc/emacs/package.texi (Package Installation): Document this.
2025-12-15 10:30:25 -08:00 · 2019-07-26 08:30:24 +02:00 · 2019-07-26 08:30:24 +02:00 · 71f76a8025
commit 71f76a8025
parent 6204791728
3 changed files with 34 additions and 16 deletions
--- a/lisp/emacs-lisp/package.el
+++ b/lisp/emacs-lisp/package.el
@ -331,15 +331,13 @@ default directory."
  :risky t
  :version "26.1")

-(defcustom package-check-signature
-  (if (and (require 'epg-config)
-           (epg-find-configuration 'OpenPGP))
-      'allow-unsigned)
+(defcustom package-check-signature 'allow-unsigned
  "Non-nil means to check package signatures when installing.
 More specifically the value can be:
 - nil: package signatures are ignored.
- `allow-unsigned': install a package even if it is unsigned,
-  but if it is signed and we have the key for it, verify the signature.
+- `allow-unsigned': install a package even if it is unsigned, but
+  if it is signed, we have the key for it, and OpenGPG is
+  installed, verify the signature.
 - t: accept a package only if it comes with at least one verified signature.
 - `all': same as t, except when the package has several signatures,
  in which case we verify all the signatures.
@ -353,6 +351,18 @@ contents of the archive."
  :risky t
  :version "27.1")

+(defun package-check-signature ()
+  "Check whether we have a usable OpenPGP configuration.
+If true, and `package-check-signature' is `allow-unsigned',
+return `allow-unsigned', otherwise return the value of
+`package-check-signature'."
+  (if (eq package-check-signature 'allow-unsigned)
+      (progn
+        (require 'epg-config)
+        (and (epg-find-configuration 'OpenPGP)
+             'allow-unsigned))
+    package-check-signature))
+
 (defcustom package-unsigned-archives nil
  "List of archives where we do not check for package signatures."
  :type '(repeat (string :tag "Archive name"))
@ -1279,15 +1289,15 @@ errors."
      (dolist (sig (epg-context-result-for context 'verify))
        (if (eq (epg-signature-status sig) 'good)
            (push sig good-signatures)
-          ;; If package-check-signature is allow-unsigned, don't
+          ;; If `package-check-signature' is allow-unsigned, don't
          ;; signal error when we can't verify signature because of
          ;; missing public key.  Other errors are still treated as
          ;; fatal (bug#17625).
-          (unless (and (eq package-check-signature 'allow-unsigned)
+          (unless (and (eq (package-check-signature) 'allow-unsigned)
                       (eq (epg-signature-status sig) 'no-pubkey))
            (setq had-fatal-error t))))
      (when (or (null good-signatures)
-                (and (eq package-check-signature 'all)
+                (and (eq (package-check-signature) 'all)
                     had-fatal-error))
        (package--display-verify-error context sig-file)
        (signal 'bad-signature (list sig-file)))
@ -1318,7 +1328,7 @@ else, even if an error is signaled."
      :async async :noerror t
      ;; Connection error is assumed to mean "no sig-file".
      :error-form (let ((allow-unsigned
-                         (eq package-check-signature 'allow-unsigned)))
+                         (eq (package-check-signature) 'allow-unsigned)))
                    (when (and callback allow-unsigned)
                      (funcall callback nil))
                    (when unwind (funcall unwind))
@ -1602,7 +1612,7 @@ similar to an entry in `package-alist'.  Save the cached copy to
           (local-file (expand-file-name file dir)))
      (when (listp (read content))
        (make-directory dir t)
-        (if (or (not package-check-signature)
+        (if (or (not (package-check-signature))
                (member name package-unsigned-archives))
            ;; If we don't care about the signature, save the file and
            ;; we're done.
@ -1654,7 +1664,7 @@ downloads in the background."
  (let ((default-keyring (expand-file-name "package-keyring.gpg"
                                           data-directory))
        (inhibit-message (or inhibit-message async)))
-    (when (and package-check-signature (file-exists-p default-keyring))
+    (when (and (package-check-signature) (file-exists-p default-keyring))
      (condition-case-unless-debug error
          (package-import-keyring default-keyring)
        (error (message "Cannot import default keyring: %S" (cdr error))))))
@ -1901,7 +1911,7 @@ if all the in-between dependencies are also in PACKAGE-LIST."
         (file (concat (package-desc-full-name pkg-desc)
                       (package-desc-suffix pkg-desc))))
    (package--with-response-buffer location :file file
-      (if (or (not package-check-signature)
+      (if (or (not (package-check-signature))
              (member (package-desc-archive pkg-desc)
                      package-unsigned-archives))
          ;; If we don't care about the signature, unpack and we're