libalpm: remove unused _alpm_transstate_t STATE_IDLE

The old wording implied that the function would return -1 if the
signature was invalid (alpm_sigresult_t->validity). When really it means
if a correctly formatted signature exists at all.

doc/pacman.conf.5.asciidoc

@@ -318,12 +318,12 @@ When to Check::
 	*Never*;;
 		All signature checking is suppressed, even if signatures are present.
 
-	*Optional* (default);;
+	*Optional*;;
 		Signatures are checked if present; absence of a signature is not an
 		error. An invalid signature is a fatal error, as is a signature from a
 		key not in the keyring.
 
-	*Required*;;
+	*Required* (default);;
 		Signatures are required; absence of a signature or an invalid signature
 		is a fatal error, as is a signature from a key not in the keyring.
 
@@ -349,7 +349,7 @@ level signatures for packages.
 The built-in default is the following:
 
 --------
-SigLevel = Optional TrustedOnly
+SigLevel = Required TrustedOnly
 --------
 
 

doc/repo-add.8.asciidoc

@@ -75,6 +75,9 @@ repo-add Options
 	Only add packages that are not already in the database.  Warnings will be
 	printed upon detection of existing packages, but they will not be re-added.
 
+*-p, \--prevent-downgrade*::
+	Do not add package to database if a newer version is already present
+
 *\--include-sigs*::
 	Include package PGP signatures in the repository database (if available)
 

lib/libalpm/alpm.h

@@ -242,8 +242,6 @@ typedef enum _alpm_errno_t {
 	ALPM_ERR_DB_INVALID,
 	/** Database has an invalid signature */
 	ALPM_ERR_DB_INVALID_SIG,
-	/** Database is signed by an invalid key */
-	ALPM_ERR_DB_INVALID_KEY,
 	/** The localdb is in a newer/older format than libalpm expects */
 	ALPM_ERR_DB_VERSION,
 	/** Failed to write to the database */
@@ -287,8 +285,6 @@ typedef enum _alpm_errno_t {
 	ALPM_ERR_PKG_INVALID_CHECKSUM,
 	/** Package has an invalid signature */
 	ALPM_ERR_PKG_INVALID_SIG,
-	/** Package is signed by an invalid key */
-	ALPM_ERR_PKG_INVALID_KEY,
 	/** Package does not have a signature */
 	ALPM_ERR_PKG_MISSING_SIG,
 	/** Cannot open the package file */
@@ -304,8 +300,6 @@ typedef enum _alpm_errno_t {
 	ALPM_ERR_SIG_MISSING,
 	/** Signatures are invalid */
 	ALPM_ERR_SIG_INVALID,
-	/** Keys are missing from keyring */
-	ALPM_ERR_KEY_MISSING,
 	/* Dependencies */
 	/** Dependencies could not be satisfied */
 	ALPM_ERR_UNSATISFIED_DEPS,
@@ -487,7 +481,7 @@ typedef struct _alpm_siglist_t {
  * Check the PGP signature for the given package file.
  * @param pkg the package to check
  * @param siglist a pointer to storage for signature results
- * @return 0 if valid, -1 if an error occurred or signature is invalid
+ * @return 0 on success, -1 if an error occurred or signature is missing
  */
 int alpm_pkg_check_pgp_signature(alpm_pkg_t *pkg, alpm_siglist_t *siglist);
 
@@ -495,7 +489,7 @@ int alpm_pkg_check_pgp_signature(alpm_pkg_t *pkg, alpm_siglist_t *siglist);
  * Check the PGP signature for the given database.
  * @param db the database to check
  * @param siglist a pointer to storage for signature results
- * @return 0 if valid, -1 if an error occurred or signature is invalid
+ * @return 0 on success, -1 if an error occurred or signature is missing
  */
 int alpm_db_check_pgp_signature(alpm_db_t *db, alpm_siglist_t *siglist);
 

lib/libalpm/be_package.c

@@ -341,17 +341,15 @@ int _alpm_pkg_validate_internal(alpm_handle_t *handle,
 	/* even if we don't have a sig, run the check code if level tells us to */
 	if(level & ALPM_SIG_PACKAGE) {
 		const char *sig = syncpkg ? syncpkg->base64_sig : NULL;
-		int ret;
 		_alpm_log(handle, ALPM_LOG_DEBUG, "sig data: %s\n", sig ? sig : "<from .sig>");
 		if(!has_sig && !(level & ALPM_SIG_PACKAGE_OPTIONAL)) {
 			handle->pm_errno = ALPM_ERR_PKG_MISSING_SIG;
 			return -1;
 		}
-		ret = _alpm_check_pgp_helper(handle, pkgfile, sig,
+		if(_alpm_check_pgp_helper(handle, pkgfile, sig,
 					level & ALPM_SIG_PACKAGE_OPTIONAL, level & ALPM_SIG_PACKAGE_MARGINAL_OK,
-					level & ALPM_SIG_PACKAGE_UNKNOWN_OK, sigdata);
-		if(ret) {
-			handle->pm_errno = ret == -1 ? ALPM_ERR_PKG_INVALID_SIG : ALPM_ERR_PKG_INVALID_KEY;
+					level & ALPM_SIG_PACKAGE_UNKNOWN_OK, sigdata)) {
+			handle->pm_errno = ALPM_ERR_PKG_INVALID_SIG;
 			return -1;
 		}
 		if(validation && has_sig) {
@@ -768,7 +766,6 @@ int SYMEXPORT alpm_pkg_load(alpm_handle_t *handle, const char *filename, int ful
 
 			if(fail) {
 				_alpm_log(handle, ALPM_LOG_ERROR, _("required key missing from keyring\n"));
-				handle->pm_errno = ALPM_ERR_KEY_MISSING;
 				free(sigpath);
 				return -1;
 			}

lib/libalpm/be_sync.c

@@ -126,7 +126,6 @@ static int sync_db_validate(alpm_db_t *db)
 			db->status &= ~DB_STATUS_VALID;
 			db->status |= DB_STATUS_INVALID;
 			db->handle->pm_errno = ALPM_ERR_DB_INVALID_SIG;
-			db->handle->pm_errno = ret == -1 ? ALPM_ERR_PKG_INVALID_SIG : ALPM_ERR_PKG_INVALID_KEY;
 			return 1;
 		}
 	}

lib/libalpm/dload.c

@@ -1322,7 +1322,7 @@ int SYMEXPORT alpm_fetch_pkgurl(alpm_handle_t *handle, const alpm_list_t *urls,
 	char *temporary_cachedir = NULL;
 	alpm_list_t *payloads = NULL;
 	const alpm_list_t *i;
-	alpm_event_t event = {0};
+	alpm_event_t event;
 
 	CHECK_HANDLE(handle, return -1);
 	ASSERT(*fetched == NULL, RET_ERR(handle, ALPM_ERR_WRONG_ARGS, -1));

lib/libalpm/error.c

@@ -72,8 +72,6 @@ const char SYMEXPORT *alpm_strerror(alpm_errno_t err)
 			return _("invalid or corrupted database");
 		case ALPM_ERR_DB_INVALID_SIG:
 			return _("invalid or corrupted database (PGP signature)");
-		case ALPM_ERR_DB_INVALID_KEY:
-			return _("database signature has missing or invalid PGP key");
 		case ALPM_ERR_DB_VERSION:
 			return _("database is incorrect version");
 		case ALPM_ERR_DB_WRITE:
@@ -117,8 +115,6 @@ const char SYMEXPORT *alpm_strerror(alpm_errno_t err)
 			return _("invalid or corrupted package (checksum)");
 		case ALPM_ERR_PKG_INVALID_SIG:
 			return _("invalid or corrupted package (PGP signature)");
-		case ALPM_ERR_PKG_INVALID_KEY:
-			return _("package signature has missing or invalid PGP key");
 		case ALPM_ERR_PKG_MISSING_SIG:
 			return _("package missing required signature");
 		case ALPM_ERR_PKG_OPEN:
@@ -134,8 +130,6 @@ const char SYMEXPORT *alpm_strerror(alpm_errno_t err)
 			return _("missing PGP signature");
 		case ALPM_ERR_SIG_INVALID:
 			return _("invalid PGP signature");
-		case ALPM_ERR_KEY_MISSING:
-			return _("PGP key missing from keyring");
 		/* Dependencies */
 		case ALPM_ERR_UNSATISFIED_DEPS:
 			return _("could not satisfy dependencies");

lib/libalpm/signing.c

@@ -233,14 +233,9 @@ int _alpm_key_in_keychain(alpm_handle_t *handle, const char *fpr)
 		_alpm_log(handle, ALPM_LOG_DEBUG, "key lookup failed, unknown key\n");
 		ret = 0;
 	} else if(gpg_err_code(gpg_err) == GPG_ERR_NO_ERROR) {
-		if(key->expired) {
-			_alpm_log(handle, ALPM_LOG_DEBUG, "key lookup success, but key is expired\n");
-			ret = 0;
-		} else {
-			_alpm_log(handle, ALPM_LOG_DEBUG, "key lookup success, key exists\n");
-			handle->known_keys = alpm_list_add(handle->known_keys, strdup(fpr));
-			ret = 1;
-		}
+		_alpm_log(handle, ALPM_LOG_DEBUG, "key lookup success, key exists\n");
+		handle->known_keys = alpm_list_add(handle->known_keys, strdup(fpr));
+		ret = 1;
 	} else {
 		_alpm_log(handle, ALPM_LOG_DEBUG, "gpg error: %s\n", gpgme_strerror(gpg_err));
 	}
@@ -273,7 +268,7 @@ static int key_import_wkd(alpm_handle_t *handle, const char *email, const char *
 	CHECK_ERR();
 
 	mode = gpgme_get_keylist_mode(ctx);
-	mode |= GPGME_KEYLIST_MODE_LOCATE_EXTERNAL;
+	mode |= GPGME_KEYLIST_MODE_LOCATE;
 	gpg_err = gpgme_set_keylist_mode(ctx, mode);
 	CHECK_ERR();
 
@@ -284,7 +279,7 @@ static int key_import_wkd(alpm_handle_t *handle, const char *email, const char *
 		if(fpr && _alpm_key_in_keychain(handle, fpr)) {
 			ret = 0;
 		} else {
-			_alpm_log(handle, ALPM_LOG_DEBUG, "key lookup failed: WKD imported wrong fingerprint or key expired\n");
+			_alpm_log(handle, ALPM_LOG_DEBUG, "key lookup failed: WKD imported wrong fingerprint\n");
 		}
 	}
 	gpgme_key_unref(key);
@@ -376,7 +371,6 @@ static int key_search_keyserver(alpm_handle_t *handle, const char *fpr,
 	pgpkey->expires = key->subkeys->expires;
 	pgpkey->length = key->subkeys->length;
 	pgpkey->revoked = key->subkeys->revoked;
-	ret = 1;
 
 gpg_error:
 	if(ret != 1) {
@@ -798,7 +792,7 @@ char *_alpm_sigpath(alpm_handle_t *handle, const char *path)
  * @param marginal whether signatures with marginal trust are acceptable
  * @param unknown whether signatures with unknown trust are acceptable
  * @param sigdata a pointer to storage for signature results
- * @return 0 on success, -1 on error, -2 on key error (consult pm_errno or sigdata)
+ * @return 0 on success, -1 on error (consult pm_errno or sigdata)
  */
 int _alpm_check_pgp_helper(alpm_handle_t *handle, const char *path,
 		const char *base64_sig, int optional, int marginal, int unknown,
@@ -806,7 +800,6 @@ int _alpm_check_pgp_helper(alpm_handle_t *handle, const char *path,
 {
 	alpm_siglist_t *siglist;
 	int ret;
-	int key_invalid = 0;
 
 	CALLOC(siglist, 1, sizeof(alpm_siglist_t),
 			RET_ERR(handle, ALPM_ERR_MEMORY, -1));
@@ -828,11 +821,8 @@ int _alpm_check_pgp_helper(alpm_handle_t *handle, const char *path,
 		size_t num;
 		for(num = 0; !ret && num < siglist->count; num++) {
 			switch(siglist->results[num].status) {
-				case ALPM_SIGSTATUS_KEY_EXPIRED:
-					_alpm_log(handle, ALPM_LOG_DEBUG, "key is expired\n");
-					key_invalid = 1;
-					__attribute__((fallthrough));
 				case ALPM_SIGSTATUS_VALID:
+				case ALPM_SIGSTATUS_KEY_EXPIRED:
 					_alpm_log(handle, ALPM_LOG_DEBUG, "signature is valid\n");
 					switch(siglist->results[num].validity) {
 						case ALPM_SIGVALIDITY_FULL:
@@ -856,12 +846,9 @@ int _alpm_check_pgp_helper(alpm_handle_t *handle, const char *path,
 							break;
 					}
 					break;
+				case ALPM_SIGSTATUS_SIG_EXPIRED:
 				case ALPM_SIGSTATUS_KEY_UNKNOWN:
 				case ALPM_SIGSTATUS_KEY_DISABLED:
-				case ALPM_SIGSTATUS_SIG_EXPIRED:
-					_alpm_log(handle, ALPM_LOG_DEBUG, "key is not valid\n");
-					key_invalid = 1;
-					__attribute__((fallthrough));
 				case ALPM_SIGSTATUS_INVALID:
 					_alpm_log(handle, ALPM_LOG_DEBUG, "signature is not valid\n");
 					ret = -1;
@@ -877,7 +864,7 @@ int _alpm_check_pgp_helper(alpm_handle_t *handle, const char *path,
 		free(siglist);
 	}
 
-	return key_invalid ? -2 : ret;
+	return ret;
 }
 
 /**
@@ -910,6 +897,7 @@ int _alpm_process_siglist(alpm_handle_t *handle, const char *identifier,
 		const char *name = result->key.uid ? result->key.uid : result->key.fingerprint;
 		switch(result->status) {
 			case ALPM_SIGSTATUS_VALID:
+			case ALPM_SIGSTATUS_KEY_EXPIRED:
 				switch(result->validity) {
 					case ALPM_SIGVALIDITY_FULL:
 						break;
@@ -935,16 +923,6 @@ int _alpm_process_siglist(alpm_handle_t *handle, const char *identifier,
 								identifier, name);
 						break;
 				}
-				break;
-			case ALPM_SIGSTATUS_KEY_EXPIRED:
-				_alpm_log(handle, ALPM_LOG_ERROR,
-						_("%s: key \"%s\" (%s) is expired\n"),
-						identifier, name, result->key.fingerprint);
-
-				if(_alpm_key_import(handle, result->key.uid, result->key.fingerprint) == 0) {
-					retry = 1;
-				}
-
 				break;
 			case ALPM_SIGSTATUS_KEY_UNKNOWN:
 				/* ensure this key is still actually unknown; we may have imported it

lib/libalpm/sync.c

@@ -776,7 +776,7 @@ static int download_files(alpm_handle_t *handle)
 	char * temporary_cachedir = NULL;
 	alpm_list_t *i, *files = NULL;
 	int ret = 0;
-	alpm_event_t event = {0};
+	alpm_event_t event;
 	alpm_list_t *payloads = NULL;
 
 	cachedir = _alpm_filecache_setup(handle);
@@ -975,7 +975,6 @@ static int check_keyring(alpm_handle_t *handle)
 		EVENT(handle, &event);
 		if(fail) {
 			_alpm_log(handle, ALPM_LOG_ERROR, _("required key missing from keyring\n"));
-			handle->pm_errno = ALPM_ERR_KEY_MISSING;
 			return -1;
 		}
 	}
@@ -1054,7 +1053,6 @@ static int check_validity(alpm_handle_t *handle,
 							_("%s: missing required signature\n"), v->pkg->name);
 					break;
 				case ALPM_ERR_PKG_INVALID_SIG:
-				case ALPM_ERR_PKG_INVALID_KEY:
 					_alpm_process_siglist(handle, v->pkg->name, v->siglist,
 							v->siglevel & ALPM_SIG_PACKAGE_OPTIONAL,
 							v->siglevel & ALPM_SIG_PACKAGE_MARGINAL_OK,

lib/libalpm/trans.c

@@ -270,7 +270,6 @@ int SYMEXPORT alpm_trans_release(alpm_handle_t *handle)
 
 	trans = handle->trans;
 	ASSERT(trans != NULL, RET_ERR(handle, ALPM_ERR_TRANS_NULL, -1));
-	ASSERT(trans->state != STATE_IDLE, RET_ERR(handle, ALPM_ERR_TRANS_NULL, -1));
 
 	int nolock_flag = trans->flags & ALPM_TRANS_FLAG_NOLOCK;
 

lib/libalpm/trans.h

@@ -26,8 +26,7 @@
 #include "alpm.h"
 
 typedef enum _alpm_transstate_t {
-	STATE_IDLE = 0,
-	STATE_INITIALIZED,
+	STATE_INITIALIZED = 0,
 	STATE_PREPARED,
 	STATE_DOWNLOADING,
 	STATE_COMMITTING,

scripts/libmakepkg/lint_config/buildenv.sh.in

@@ -0,0 +1,57 @@
+#!/bin/bash
+#
+#   buildenv.sh - Check that the BUILDENV and OPTIONS arrays are valid
+#
+#   Copyright (c) 2025 Pacman Development Team <pacman-dev@lists.archlinux.org>
+#
+#   This program is free software; you can redistribute it and/or modify
+#   it under the terms of the GNU General Public License as published by
+#   the Free Software Foundation; either version 2 of the License, or
+#   (at your option) any later version.
+#
+#   This program is distributed in the hope that it will be useful,
+#   but WITHOUT ANY WARRANTY; without even the implied warranty of
+#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#   GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public License
+#   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+[[ -n $LIBMAKEPKG_LINT_CONFIG_BUILDENV_SH ]] && return
+LIBMAKEPKG_LINT_CONFIG_BUILDENV_SH=1
+
+MAKEPKG_LIBRARY=${MAKEPKG_LIBRARY:-'@libmakepkgdir@'}
+
+source "$MAKEPKG_LIBRARY/util/message.sh"
+
+lint_config_functions+=('lint_buildenv')
+
+
+lint_buildenv() {
+	local ret=0 kopt 
+	local known_buildenv=(ccache check color distcc sign)
+	local known_option=(autodeps debug docs emptydirs libtool lto purge staticlibs strip zipman)
+
+	for i in "${BUILDENV[@]}"; do
+		for kopt in "${known_buildenv[@]}"; do
+			if [[ $i = "$kopt" || $i = "!$kopt" ]]; then
+				continue 2
+			fi
+		done
+
+		error "$(gettext "%s array contains unknown option '%s'")" "BUILDENV" "$i"
+		ret=1
+	done
+
+	for i in "${OPTIONS[@]}"; do
+		for kopt in "${known_option[@]}"; do
+			if [[ $i = "$kopt" || $i = "!$kopt" ]]; then
+				continue 2
+			fi
+		done
+
+		error "$(gettext "%s array contains unknown option '%s'")" "OPTIONS" "$i"
+		ret=1
+	done
+}

scripts/libmakepkg/lint_config/meson.build

@@ -1,6 +1,7 @@
 libmakepkg_module = 'lint_config'
 
 sources = [
+  'buildenv.sh.in',
   'ext.sh.in',
   'nproc.sh.in',
   'packager.sh.in',

scripts/libmakepkg/lint_pkgbuild/meson.build

@@ -17,7 +17,6 @@ sources = [
   'package_function.sh.in',
   'package_function_variable.sh.in',
   'pkgbase.sh.in',
-  'pkglist.sh.in',
   'pkgname.sh.in',
   'pkgrel.sh.in',
   'pkgver.sh.in',

scripts/libmakepkg/lint_pkgbuild/pkglist.sh.in

@@ -1,44 +0,0 @@
-#!/bin/bash
-#
-#   pkglist.sh - Check the packages selected to build exist.
-#
-#   Copyright (c) 2014-2025 Pacman Development Team <pacman-dev@lists.archlinux.org>
-#
-#   This program is free software; you can redistribute it and/or modify
-#   it under the terms of the GNU General Public License as published by
-#   the Free Software Foundation; either version 2 of the License, or
-#   (at your option) any later version.
-#
-#   This program is distributed in the hope that it will be useful,
-#   but WITHOUT ANY WARRANTY; without even the implied warranty of
-#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-#   GNU General Public License for more details.
-#
-#   You should have received a copy of the GNU General Public License
-#   along with this program.  If not, see <http://www.gnu.org/licenses/>.
-#
-
-[[ -n "$LIBMAKEPKG_LINT_PKGBUILD_PKGLIST_SH" ]] && return
-LIBMAKEPKG_LINT_PKGBUILD_PKGLIST_SH=1
-
-MAKEPKG_LIBRARY=${MAKEPKG_LIBRARY:-'@libmakepkgdir@'}
-
-source "$MAKEPKG_LIBRARY/util/message.sh"
-source "$MAKEPKG_LIBRARY/util/util.sh"
-
-
-lint_pkgbuild_functions+=('lint_pkglist')
-
-
-lint_pkglist() {
-	local i ret=0
-
-	for i in "${PKGLIST[@]}"; do
-		if ! in_array "$i" "${pkgname[@]}"; then
-			error "$(gettext "Requested package %s is not provided in %s")" "$i" "$BUILDFILE"
-			ret=1
-		fi
-	done
-
-	return $ret
-}

scripts/repo-add.sh.in

@@ -68,6 +68,7 @@ Multiple packages to add can be specified on the command line.\n")"
 		printf -- "$(gettext "Options:\n")"
 		printf -- "$(gettext "  -n, --new         only add packages that are not already in the database\n")"
 		printf -- "$(gettext "  -p, --prevent-downgrade  do not add package to database if a newer version is already present\n")"
+		printf -- "$(gettext "  --include-sigs    Include package PGP signatures in the repository database (if available)")
 	elif [[ $cmd == "repo-remove" ]] ; then
 		printf -- "$(gettext "Usage: repo-remove [options] <path-to-db> <packagename> ...\n")"
 		printf -- "\n"

src/pacman/callback.c

@@ -529,17 +529,10 @@ void cb_question(void *ctx, alpm_question_t *question)
 		case ALPM_QUESTION_CORRUPTED_PKG:
 			{
 				alpm_question_corrupted_t *q = &question->corrupted;
-				if(q->reason == ALPM_ERR_PKG_INVALID_KEY || q->reason == ALPM_ERR_DB_INVALID_KEY) {
-					q->remove = yesno(_("Can't get PGP key for file %s (%s)\n"
-								"Do you want to delete it?"),
-							q->filepath,
-							alpm_strerror(q->reason));
-				} else {
-					q->remove = yesno(_("File %s is corrupted (%s).\n"
-								"Do you want to delete it?"),
-							q->filepath,
-							alpm_strerror(q->reason));
-				}
+				q->remove = yesno(_("File %s is corrupted (%s).\n"
+							"Do you want to delete it?"),
+						q->filepath,
+						alpm_strerror(q->reason));
 			}
 			break;
 		case ALPM_QUESTION_IMPORT_KEY:

src/pacman/conf.c

@@ -109,8 +109,7 @@ config_t *config_new(void)
 	newconfig->logmask = ALPM_LOG_ERROR | ALPM_LOG_WARNING;
 	newconfig->configfile = strdup(CONFFILE);
 	if(alpm_capabilities() & ALPM_CAPABILITY_SIGNATURES) {
-		newconfig->siglevel = ALPM_SIG_PACKAGE | ALPM_SIG_PACKAGE_OPTIONAL |
-			ALPM_SIG_DATABASE | ALPM_SIG_DATABASE_OPTIONAL;
+		newconfig->siglevel = ALPM_SIG_PACKAGE | ALPM_SIG_DATABASE;
 		newconfig->localfilesiglevel = ALPM_SIG_USE_DEFAULT;
 		newconfig->remotefilesiglevel = ALPM_SIG_USE_DEFAULT;
 	}

src/pacman/sync.c

@@ -84,7 +84,7 @@ static int sync_cleandb(const char *dbpath)
 
 		/* build the full path */
 		len = snprintf(path, PATH_MAX, "%s%s", dbpath, dname);
-		if(len > PATH_MAX) {
+		if(len >= PATH_MAX) {
 			pm_printf(ALPM_LOG_ERROR, _("could not remove %s%s: path exceeds PATH_MAX\n"),
 					dbpath, dname);
 		}
@@ -245,7 +245,7 @@ static int sync_cleancache(int level)
 
 			/* build the full filepath */
 			len=snprintf(path, PATH_MAX, "%s%s", cachedir, ent->d_name);
-			if(len > PATH_MAX) {
+			if(len >= PATH_MAX) {
 				pm_printf(ALPM_LOG_ERROR, _("skipping %s%s: path exceeds PATH_MAX\n"),
 						cachedir, ent->d_name);
 				continue;
@@ -364,6 +364,8 @@ static int sync_group(int level, alpm_list_t *syncs, alpm_list_t *targets)
 				}
 			}
 			if(!found) {
+				pm_printf(ALPM_LOG_ERROR,
+					_("package group '%s' was not found\n"), grpname);
 				ret = 1;
 			}
 		}

test/pacman/tests/upgrade-download-pkg-and-sig-with-filename.py

@@ -1,6 +1,7 @@
 self.description = 'download remote packages with -U with a URL filename'
 self.require_capability("gpg")
 self.require_capability("curl")
+self.option['SigLevel'] = ['Required']
 
 url = self.add_simple_http_server({
     # simple

test/pacman/util.py

@@ -115,6 +115,8 @@ def mkcfgfile(filename, root, option, db):
     data = ["[options]"]
     for key, value in option.items():
         data.extend(["%s = %s" % (key, j) for j in value])
+    if "SigLevel" not in option:
+        data.append("SigLevel = Never\n")
 
     # Repositories
     # sort by repo name so tests can predict repo order, rather than be