#!/bin/sh # This hook script prevents the user from pushing to Savannah if any of the new # commits' OpenPGP signatures cannot be verified. # Called by "git push" after it has checked the remote status, but before # anything has been pushed. If this script exits with a non-zero status nothing # will be pushed. # # This hook is called with the following parameters: # # $1 -- Name of the remote to which the push is being done # $2 -- URL to which the push is being done # # If pushing without using a named remote those arguments will be equal. # # Information about the commits which are being pushed is supplied as lines to # the standard input in the form: # # z40=0000000000000000000000000000000000000000 # Only use the hook when pushing to Savannah. case "$2" in *git.sv.gnu.org*) break ;; *) exit 0 ;; esac while read local_ref local_sha remote_ref remote_sha do if [ "$local_sha" = $z40 ] then # Handle delete : else if [ "$remote_sha" = $z40 ] then # We are pushing a new branch. To prevent wasting too # much time for this relatively rare case, we examine # all commits since the first signed commit, rather than # the full history. This check *will* fail, and the user # will need to temporarily disable the hook to push the # new branch. range="e3d0fcbf7e55e8cbe8d0a1c5a24d73f341d7243b..$local_sha" else # Update to existing branch, examine new commits range="$remote_sha..$local_sha" fi # Verify the signatures of all commits being pushed. ret=0 for commit in $(git rev-list $range) do if ! git verify-commit $commit >/dev/null 2>&1 then printf "%s failed signature check\n" $commit ret=1 fi done exit $ret fi done exit 0 ion value='author'>author
path: root/etc/git/gitconfig
AgeCommit message (Expand)Author
2024-01-24gitconfig: b4: Automatically add 'Signed-off-by' when applying patches....Also use --3way to ease conflict resolutions. * etc/git/gitconfig [b4]: Add shazam-am-flags option. Change-Id: I6a92909a5b23a8680c16251aafa084b9a48944ea Maxim Cournoyer
2023-11-07doc: Add some guidelines for reviewing....* doc/contributing.texi (Contributing) [Reviewing the Work of Others]: New section. (Debbugs Usertags): Expound with Emacs Debbugs information and document the 'reviewed-looks-good' usertag. * etc/git/gitconfig [b4]: New section. Change-Id: I56630b15ec4fbc5c67e5420dbf2838556a005d6b Reviewed-by: Ludovic Courtès <ludo@gnu.org> Maxim Cournoyer
2023-05-18etc: gitconfig: Do not enforced signed commits....This change was more invasive than initially thought, and cannot be disabled easily, as raised by a few people. Let's revert it for now. At least the pre-push hook should be deployed automatically and catch any unsigned commits attempted to be pushed to Savannah. * etc/git/gitconfig [commit]: Remove section. Maxim Cournoyer
2023-05-01Makefile.am: Auto-configure Git on 'make'....This means we do not need to worry anymore about manually syncing the pre-push git hook or the Guix-provided git configuration. * etc/git/gitconfig: Augment configuration template with useful options to allow for auto-configuration. * Makefile.am (.git/hooks/pre-push, .git/config): New targets. (nodist_noinst_DATA): New primary variable holding the above targets. Maxim Cournoyer
2021-10-14Add git configuration templates to improve diff hunk header detection....This is a follow-up to commit 9fc8ae4171e5da4939a64fc6d684c8b9d85bbe84, which missed two hunks from <https://issues.guix.gnu.org/50363>. Reported by hackeryarn on #guix. * .gitattributes, etc/git/gitconfig: New files. Signed-off-by: Marius Bakke <marius@gnu.org> Sarah Morgensen