[WIP] Support GPG-signing commits #966
Conversation
|
Thanks for looking into it!
We shouldn't need/want to sign snapshot commits (although you can if it's easier). These are just meant to store the working copy state to either attach to a real commit later (which would be signed at that time) or to restore the working copy state (which doesn't need to be signed).
Would you be able to generate a single key ahead of time and commit it to the repo? Although I don't know if that would remove the dependency on |
git-branchless-lib/src/git/sign.rs
Outdated
| (_, Some("") | None) => { | ||
| let signer = git2_ext::ops::UserSign::from_config(&repo.inner, &config) | ||
| .map_err(RepoError::ReadConfig)?; | ||
| Box::new(signer) as Box<dyn git2_ext::ops::Sign> |
There was a problem hiding this comment.
Most likely you can ignore the warning about
using a potentially dangerous silent `as` conversion
here. That's meant for numeric types (like u32 <-> u64), but it looks like git2_ext::ops::Sign is not a numeric type, so I don't know why the warning is triggereing here.
This is a work in progress, just wanted to publish it early to gather some feedback.
TODO:
git record(callsgit commitdirectly so signing already works in master, added new flags to override keyid or disable signing)git amendgit movegit syncgit restackgit rewordgit testgit branchless snapshot createAlso looking in ways to write integration tests for this. Generating keys through
gpgand using them in tests seems a bit cumbersome.Fixes #465