The following procedure is not necessary for compiling with makepkg, for your initial configuration proceed to #Usage. To temporarily disable signature checking call the makepkg command with the
If a signature file in the form of .sig is part of the PKGBUILD source array, makepkg validates the authenticity of source files. For example, the signature pkgname-pkgver.tar.gz.sig is used to check the integrity of the file pkgname-pkgver.tar.gz with the gpg program. If desired, signatures by other developers can be manually added to the gpg keyring. Look into the GnuPG article for further information.