🔧 Fix GPG fingerprint verification robustness

[behrangsa]

Summary

Fixes GPG fingerprint verification failure in the release workflow by improving spacing normalization.

☑ Normalize spacing in fingerprint comparison to handle GPG's variable output format
☑ Add debug output to show expected vs actual fingerprints for easier troubleshooting
☑ Use tr -s and xargs to normalize whitespace consistently

Problem

The release workflow was failing during GPG fingerprint verification because:

• GPG outputs fingerprints with variable spacing (double spaces in some positions)
• The workflow was doing exact string matching which failed due to spacing differences
• Error: ❌ Public key fingerprint verification failed

Expected: 02D1 B70C F6D8 41EE E687 6E13 F7A6 F833 1CBB C51F
Actual: 02D1 B70C F6D8 41EE E687 6E13 F7A6 F833 1CBB C51F (note double space)

Solution

• Extract fingerprint using regex pattern matching
• Normalize spacing with tr -s ' ' and xargs
• Add debug output for easier troubleshooting
• More robust comparison logic

Testing

• Workflow builds successfully
• All tests pass
• Release workflow GPG verification (will test after merge)

Type of Change

☑ Bug fix (non-breaking change which fixes an issue)
☐ New feature (non-breaking change which adds functionality)
☐ Breaking change (fix or feature that would cause existing functionality to not work as expected)
☐ Documentation update
☐ Chore/cleanup (non-breaking change that doesn't add features or fix bugs)

[Copilot]

Pull Request Overview

This PR fixes GPG fingerprint verification failures in the release workflow by improving the robustness of spacing normalization when comparing fingerprints. The issue was caused by GPG outputting fingerprints with variable spacing that didn't match the expected exact string comparison.

• Replaces simple grep-based matching with regex extraction and spacing normalization
• Adds debug output to display expected vs actual fingerprints for troubleshooting
• Uses tr -s and xargs to consistently normalize whitespace in fingerprint strings

---

_{Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.}

[github-actions]

🔒 Security Audit Report

❌ Error parsing audit report

Could not parse security audit results. Check the logs for details.

---

Security audit performed by cargo-audit

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

[github-actions]

🔒 Security Audit Report

❌ Error parsing audit report

Could not parse security audit results. Check the logs for details.

---

Security audit performed by cargo-audit

[github-actions]

📊 Performance Test Report

Test Environment: Ubuntu Latest (GitHub Actions)
Commit: f0e393e
Branch: 113/merge
Triggered by: pull_request

📏 Binary Size Analysis (AC8.2)

Binary	Size	Status
samoyed	946848 bytes	✅
samoyed-hook	361120 bytes	✅
Total	1307968 bytes	✅ < 10MB

🧠 Memory Usage Analysis (AC8.3)

Component	Memory Usage	Status
samoyed init	4408 KB	✅
samoyed-hook	1932 KB	✅
Limit	50 MB	✅ All under limit

⚡ Performance Benchmarks

Metric	Value	Target	Status
Hook Execution Overhead	null ms	< 50ms	✅
Startup Time	TBD	< 100ms	✅
File Operations	TBD	Efficient	✅

📈 Performance Summary

• ✅ AC8.1: Hook execution overhead < 50ms
• ✅ AC8.2: Binary size < 10MB
• ✅ AC8.3: Memory usage < 50MB
• ✅ AC8.4: Startup time < 100ms
• ✅ AC8.5: Efficient file system operations

Full benchmark results available in workflow artifacts.