#!/bin/sh # This hook script prevents the user from pushing to Savannah if any of the new # commits' OpenPGP signatures cannot be verified, or if a commit is signed # with an unauthorized key. # Called by "git push" after it has checked the remote status, but before # anything has been pushed. If this script exits with a non-zero status nothing # will be pushed. # # This hook is called with the following parameters: # # $1 -- Name of the remote to which the push is being done # $2 -- URL to which the push is being done # # If pushing without using a named remote those arguments will be equal. # # Information about the commits which are being pushed is supplied as lines to # the standard input in the form: # # # This is the "empty hash" used by Git when pushing a branch deletion. z40=0000000000000000000000000000000000000000 while read local_ref local_hash remote_ref remote_hash do # When deleting a remote branch, no commits are pushed to the remote, and # thus there are no signatures to be verified. if [ "$local_hash" != $z40 ] then # Only use the hook when pushing to Savannah. case "$2" in *.gnu.org*) exec make authenticate check-channel-news exit 127 ;; *) exit 0 ;; esac fi done exit 0 /a>treecommitdiff
path: root/gnu/build/chromium-extension.scm
AgeCommit message (Expand)Author
2021-12-23chromium-extension: Avoid another usage of the store-mapped /tmp....* gnu/build/chromium-extension.scm (make-crx): Use a Chromium profile relative to the build directory instead of /tmp. While here, remove obsolete comment. Marius Bakke
2021-12-16chromium-extension: Build .crx files in a deterministic fashion....* gnu/build/chromium-extension.scm (make-crx): Pass #:keep-mtime? #t to COPY-RECURSIVELY. Remove defunct FAKETIME workaround. While at it, pack the extension in the scratch working directory instead of the transient store-mapped /tmp. Marius Bakke
2021-12-16chromium-extension: Avoid usage of gcrypt at evaluation time....* gnu/build/chromium-extension.scm (make-signing-key): Wrap builder in with-extensions, and compute the seed checksum at build time. Marius Bakke
2021-12-16chromium-extension: Reduce imported-modules scope....* gnu/build/chromium-extension.scm (make-crx): Delay with-imported-modules until the builder code. (crx->chromium-json): Remove needless define* while at it. Marius Bakke
2021-12-16chromium-extension: Simplify builder code....* gnu/build/chromium-extension.scm (chromium-json->profile-object): Remove variable. (file-sha256): New variable. (make-chromium-extension): Rename OUTPUT parameter to prevent conflict. Adjust other variable names for clarity. [inputs]: Clear. [arguments]: Inline and simplify the final transformation with a gexp. Marius Bakke