From 77b92854643d833ccf78fb36aefa1a84cbd52ffc Mon Sep 17 00:00:00 2001
From: Andrew Engelbrecht <andrew@fsf.org>
Date: Tue, 9 Jul 2019 15:43:47 -0400
Subject: [PATCH] added warning about spam key sigs to script

---
 fsf-keyring.sh | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/fsf-keyring.sh b/fsf-keyring.sh
index d11a8fe..e29c105 100755
--- a/fsf-keyring.sh
+++ b/fsf-keyring.sh
@@ -64,6 +64,14 @@ done
 # note: this doesn't work with gpg2. i dunno what the equivalent is in
 # gpg2, likely just exporting all the keys.
 command gpg --trust-model always --no-default-keyring --keyring ./fsf-keyring.gpg --import /tmp/keys.asc
+echo
+echo "Please verify in another terminal window that the keyring doesn't contain many spam signatures before signing:"
+echo
+echo "gpg2 --no-default-keyring --keyring=./fsf-keyring.gpg --list-sigs | less"
+echo
+echo "Press [enter] to continue."
+echo
+read
 gpg --sign ./fsf-keyring.gpg
 mv fsf-keyring.gpg.gpg fsf-keyring.gpg
 rm fsf-keyring.gpg~
-- 
2.25.1