Re: [PATCH 1/1] templates: pre-push hook: check for missing GPG signatures

Sebastian Götte <jaseg@xxxxxxxxxxxxxxxxxxx> writes:

> On 04/24/2013 11:51 AM, Michael J Gruber wrote:
>> Sebastian Götte venit, vidit, dixit 24.04.2013 10:53:
>>>                                          What could be nice would be a
>>> config option that makes "git push" warn/abort in case I try to push an
>>> unsigned head commit to a repo where I want to have signed commits:
>>>> remote.<name>.abortUnsigned
>>> This of course needs a command line override switch.
>> 
>> This appears to be more suited for a server side hook (update), or a new
>> pre-push hook.
> Ok, here it is ;)
> I replaced the previous sample hook code because it did only check for commits
> containing "WIP" in their messages which I think is not terribly useful (and
> can easily be added to this script). I also added a missing colon that caused my
> shell to complain about an empty if.
> This patch applies to the current master as it requires the new GPG %G? pretty
> placeholder output.

None of the above is part of a proper commit log message, is it?

>
> Signed-off-by: Sebastian Götte <jaseg@xxxxxxxxxxxxxxxxxxxxxxxx>
> ---
>  templates/hooks--pre-push.sample | 22 ++++++++++------------
>  1 file changed, 10 insertions(+), 12 deletions(-)
>
> diff --git a/templates/hooks--pre-push.sample b/templates/hooks--pre-push.sample
> old mode 100644
> new mode 100755

Why?

> index 15ab6d8..08a72df
> --- a/templates/hooks--pre-push.sample
> +++ b/templates/hooks--pre-push.sample
> @@ -16,20 +16,19 @@
>  #
>  #   <local ref> <local sha1> <remote ref> <remote sha1>
>  #
> -# This sample shows how to prevent push of commits where the log message starts
> -# with "WIP" (work in progress).
> +# This sample shows how to prevent pushing commits without good GPG signatures

What justifies removing the existing demonstration?  It is far easier
for the end users to remove parts that do not apply to their needs,
than coming up with a solution to add themselves without help from
an example.

>  remote="$1"
>  url="$2"
>  
>  z40=0000000000000000000000000000000000000000
> +ec=0

I think it is more customary to call this kind of variable "ret" or
"retval", not an abbreviation for "european commission" ;-).

> -IFS=' '

Why?

>  while read local_ref local_sha remote_ref remote_sha
>  do
>  	if [ "$local_sha" = $z40 ]
>  	then
> -		# Handle delete
> +		: # Handle delete
>  	else
>  		if [ "$remote_sha" = $z40 ]
>  		then
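
Review bot: The `: # Handle delete` change in the delete branch repairs an empty `then` body, which is a syntax fix unrelated to signature checking, so it belongs in its own patch with its own log message and can then be applied regardless of how the policy discussion ends. In the same hunk, the new header comment says "good GPG signatures" without defining "good"; a line stating that only commits whose `%G?` status is `G` pass would document the policy for anyone copying the sample.
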
> @@ -40,14 +39,13 @@ do
>  			range="$remote_sha..$local_sha"
>  		fi
>  
> -		# Check for WIP commit
> -		commit=`git rev-list -n 1 --grep '^WIP' "$range"`
> -		if [ -n "$commit" ]
> -		then
> -			echo "Found WIP commit in $local_ref, not pushing"
> -			exit 1
> -		fi
> +		commits=`git log --format="%G? %h" "$range" | grep -v '^G' | cut -d\  -f2`
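
Review bot: `grep -v '^G'` on the `commits=` line lets through every commit whose `%G?` status is `G`, and that status only says the signature verified against a key in the pusher's own GnuPG keyring, not that it was made by a key the project has agreed on. If the sample is meant to illustrate a signing policy, consider also printing `%GK` and comparing it with an allowed list of key IDs, or state in the header comment that the signer's identity is not checked.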

Useless use of cut.  You could do

	git log ... |
	while read sign commit
	do
		test "$sign" = G && continue
		echo "Found commit that is not properly signed: $commit"
		...
