verify() in sign.rs prints a warning when the signer key is revoked but still returns Ok(true/false), so rpg --verify exits zero. The question: should verifying against a revoked key be a hard failure (non-zero exit, Err) or remain a warning? Hard failure matches the intent of revocation; a warning preserves compatibility for scripts that parse output text.
verify() in sign.rs prints a warning when the signer key is revoked but still returns Ok(true/false), so rpg --verify exits zero. The question: should verifying against a revoked key be a hard failure (non-zero exit, Err) or remain a warning? Hard failure matches the intent of revocation; a warning preserves compatibility for scripts that parse output text.