Variable: package-check-signature
package-check-signature is a customizable variable defined in
package.el.gz.
Value
allow-unsigned
Documentation
Non-nil means to check package signatures when installing.
This also applies to the "archive-contents" file that lists the contents of the archive.
The value can be one of:
t Accept a package only if it comes with at least
one verified signature.
all Same as t, but verify all signatures if there
are more than one.
allow-unsigned Install a package even if it is unsigned,
but verify the signature if possible (that
is, if it is signed, we have the key for it,
and GnuPG is installed).
nil Package signatures are ignored.
This variable was added, or its default value changed, in Emacs 27.1.
Probably introduced at or before Emacs version 24.4.
Source Code
;; Defined in /usr/src/emacs/lisp/emacs-lisp/package.el.gz
(defcustom package-check-signature 'allow-unsigned
"Non-nil means to check package signatures when installing.
This also applies to the \"archive-contents\" file that lists the
contents of the archive.
The value can be one of:
t Accept a package only if it comes with at least
one verified signature.
`all' Same as t, but verify all signatures if there
are more than one.
`allow-unsigned' Install a package even if it is unsigned,
but verify the signature if possible (that
is, if it is signed, we have the key for it,
and GnuPG is installed).
nil Package signatures are ignored."
:type '(choice (const :value nil :tag "Never")
(const :value allow-unsigned :tag "Allow unsigned")
(const :value t :tag "Check always")
(const :value all :tag "Check always (all signatures)"))
:risky t
:version "27.1")