On Sat, Apr 22, 2017 at 11:37:00AM -0500, Christopher Allan Webber wrote:
> Commit 8439c9c05e upgraded gpgme to 1.9.0.
> 
> Unfortunately, python-gpg's version is tied to gpgme:
> 
> (define-public python-gpg
>   (package
>     (name "python-gpg")
>     (version (package-version gpgme))
>     ;; [...]
> 
> This is a problem, because upgrading gpgme "automatically" upgraded
> python-gpg, and there is no python-gpg release of 1.9.0.  The latest
> release is 1.8.0:
> 
>   https://pypi.python.org/pypi/gpg/1.8.0

I'd hoped the GPGME maintainers would release new versions of python-gpg
in tandem with GPGME, but since that's not the case, we should not use
gpgme's package-version in python-gpg.

Can you try it? I'm not an assword user, so I can't adequately test the
combination of gpgme-1.9.0 and python-gpg-1.8.0.

> I'm not sure it makes sense to tie the package version to python-gpg's
> package version anyway... if upgrading gpgme does trigger the upgrade of
> python-gpg "automatically", then that would mean that even if there was
> a pythong-gpg available with the new version, the hash would be
> incorrect.

Right, this technique doesn't work if one forgets to update the other
packages... as I forgot to do in this case :)