|
4d5ee956
|
2022-07-02T21:27:21
|
|
create and verify tags signed by SSH keys
This adds a new -s flag to 'got tag' that specifies the signer
identity (for example, a key file) of the tagger. The tag object will
include a signature that validates each of the tag object headers and
the tag message.
Verifying these signed tags requires maintaining an allowed signers
file which maps signer identities (i.e. the email address of the
tagger) to SSH public keys. See ssh-keygen(1) for more details of the
allowed signers file. After creating this file and providing the path
to it in got.conf(5) using the allowed_signers option, tags may be
verified using with 'got tag -V tag_name'. The return code will be
non-zero if a signature fails to verify.
ok stsp@
|
|
b343c297
|
2021-10-11T18:54:11
|
|
use a bloom filter to avoid pointless pack index searches
|
|
|
2e601464
|
2021-09-06T10:49:29
|
|
fix regress/fetch build; broken by my renaming of got_fetch_parse_uri()
|
|
|
50b0790e
|
2020-09-11T17:04:57
|
|
add per-worktree got.conf(5) file in the .got directory; ok millert
|
|
|
7fb414ae
|
2020-08-08T07:34:47
|
|
add a -q option to tests for quiet output and use it for 'make regress'
Previous default output remains when test cases are run individually.
ok tracey
|
|
|
82ebf666
|
2020-03-18T16:10:34
|
|
tweak parse_uri() function, declare it as public API, and add a test for it
|