This is v3 rebased on current next (the %G works by Jeff & Junio).

Open questions:

- Should one of git verify-{commit,tag} learn how to verify mergetags?
  (Probably no, it differs from both other cases.)

- Should we do this now or go for generic "git verify" right away?
  That depends on whether signed commits need to be verified by scripts
  now, or whether mergetags are more important.

For a general command which allows different verification policies, I'm
still wondering whether we may need hooks which receive all the relevant
information in the environment. Otherwise we'll have a ton of options such as
--match-committer-uid, --verify--AllParentsHaveMergeTags,
--verify--All-ParentsAreSignedCommits, --peel-to-commit, --merge-commit-only, ...

I imagine that a generic "git verify" would provide "git verify-{commit,tag}"
aliases which call "git verify" with options that reproduce the current
(suggested) behavior.

Michael J Gruber (4):
  gpg-interface: provide clear helper for struct signature_check
  gpg-interface: provide access to the payload
  verify-commit: scriptable commit signature verification
  t7510: test verify-commit

 Documentation/git-verify-commit.txt | 28 +++++++++++
 Makefile                            |  1 +
 builtin.h                           |  1 +
 builtin/merge.c                     |  5 +-
 builtin/verify-commit.c             | 93 +++++++++++++++++++++++++++++++++++++
 command-list.txt                    |  1 +
 commit.c                            |  1 +
 git.c                               |  1 +
 gpg-interface.c                     | 14 ++++++
 gpg-interface.h                     |  2 +
 pretty.c                            |  3 +-
 t/t7510-signed-commit.sh            | 20 +++++++-
 12 files changed, 163 insertions(+), 7 deletions(-)
 create mode 100644 Documentation/git-verify-commit.txt
 create mode 100644 builtin/verify-commit.c

-- 
2.0.1.563.g162087b.dirty