On Tue, Jul 31, 2018 at 10:05:22PM +0200, Vojtech Myslivec wrote:
> Hello,
> 
> My colleague and I are struggling with automation of verifying git
> repositories, and we have encountered that git verify-commit and
> verify-tag accept untrusted signatures and exit successfully.

I don't have strong feelings on your change one way or the other, but
for automation it may be useful to use the --raw flag, which gives you
the raw gpg output and much greater control.  For example, you can
require that a subkey is or is not used or require certain algorithms.

I will say that most signatures are untrusted in my experience, so
unless people are using TOFU mode or making local signatures, git will
exit nonzero for most signatures.  I think the current status is to exit
on a good signature, even if it isn't necessarily a valid signature.

I'm interested to hear others' thoughts on this.
-- 
brian m. carlson: Houston, Texas, US
OpenPGP: https://keybase.io/bk2204
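
Added example (not part of this thread and not git's own code): a POSIX sh policy check over the raw gpg status lines that `git verify-commit --raw <commit>` writes to stderr. It implements the kind of automation control discussed above: accept a commit only when gpg reports GOODSIG and VALIDSIG, the key is TRUST_FULLY or TRUST_ULTIMATE, and the signing key's primary fingerprint is on a local allow-list, while any BADSIG/ERRSIG/expired/revoked status rejects outright. The key ids, fingerprints, user id and the allow-list value are constructed placeholders, and `check_commit` assumes a git checkout with gpg configured.

```shell
#!/bin/sh
# Policy check over gpg status lines, as emitted by `git verify-commit --raw`.
# Status line format reference: GOODSIG <keyid> <userid>,
# VALIDSIG <signing-fpr> ... <primary-fpr>, TRUST_<LEVEL> <depth> <model>.

# Allow-listed primary key fingerprints (space separated). Constructed placeholder.
ALLOWED_PRIMARY='ABCDEF0123456789ABCDEF0123456789ABCDEF01'

# verdict STATUS_TEXT: prints "accept" or "reject: <reason>"; exits 0 only on accept.
verdict() {
    status="$1"
    # Hard failures win regardless of anything else in the output.
    if printf '%s\n' "$status" | grep -Eq '^\[GNUPG:\] (BADSIG|ERRSIG|EXPSIG|EXPKEYSIG|REVKEYSIG)( |$)'; then
        echo "reject: bad, expired or revoked signature"; return 1
    fi
    printf '%s\n' "$status" | grep -q '^\[GNUPG:\] GOODSIG ' \
        || { echo "reject: no GOODSIG"; return 1; }
    # VALIDSIG carries the signing (sub)key fingerprint in field 3 and the
    # primary key fingerprint as its last field; policy is keyed on the primary.
    validsig=$(printf '%s\n' "$status" | grep '^\[GNUPG:\] VALIDSIG ' | head -n 1)
    [ -n "$validsig" ] || { echo "reject: no VALIDSIG"; return 1; }
    primary=$(printf '%s\n' "$validsig" | awk '{ print $NF }')
    case " $ALLOWED_PRIMARY " in
        *" $primary "*) ;;
        *) echo "reject: primary key $primary is not allow-listed"; return 1 ;;
    esac
    # A good signature from an untrusted key is exactly the case the thread
    # is about: gpg says GOODSIG but the trust level is UNDEFINED/NEVER/MARGINAL.
    if printf '%s\n' "$status" | grep -Eq '^\[GNUPG:\] TRUST_(FULLY|ULTIMATE)( |$)'; then
        echo "accept"; return 0
    fi
    echo "reject: good signature but key is not trusted"; return 1
}

# check_commit COMMIT: run git, keep only the raw status (stderr), apply policy.
check_commit() {
    raw=$(git verify-commit --raw "$1" 2>&1 >/dev/null)
    verdict "$raw"
}

# Constructed sample outputs (no real keys or commits).
TRUSTED_SAMPLE='[GNUPG:] NEWSIG
[GNUPG:] GOODSIG 0123456789ABCDEF Example Signer <signer@example.org>
[GNUPG:] VALIDSIG 0123456789ABCDEF0123456789ABCDEF01234567 2018-07-31 1533067522 0 4 0 1 10 01 ABCDEF0123456789ABCDEF0123456789ABCDEF01
[GNUPG:] TRUST_FULLY 0 pgp'

UNTRUSTED_SAMPLE='[GNUPG:] NEWSIG
[GNUPG:] GOODSIG 0123456789ABCDEF Example Signer <signer@example.org>
[GNUPG:] VALIDSIG 0123456789ABCDEF0123456789ABCDEF01234567 2018-07-31 1533067522 0 4 0 1 10 01 ABCDEF0123456789ABCDEF0123456789ABCDEF01
[GNUPG:] TRUST_UNDEFINED 0 pgp'

UNKNOWN_KEY_SAMPLE='[GNUPG:] NEWSIG
[GNUPG:] GOODSIG FEDCBA9876543210 Other Person <other@example.org>
[GNUPG:] VALIDSIG FEDCBA9876543210FEDCBA9876543210FEDCBA98 2018-07-31 1533067522 0 4 0 1 10 01 FEDCBA9876543210FEDCBA9876543210FEDCBA98
[GNUPG:] TRUST_ULTIMATE 0 pgp'

BADSIG_SAMPLE='[GNUPG:] NEWSIG
[GNUPG:] BADSIG 0123456789ABCDEF Example Signer <signer@example.org>'

# Demo when run directly: only the first sample is accepted.
for s in "$TRUSTED_SAMPLE" "$UNTRUSTED_SAMPLE" "$UNKNOWN_KEY_SAMPLE" "$BADSIG_SAMPLE"; do
    verdict "$s" || true
done
```

In a pipeline the call would be `check_commit HEAD || exit 1`; the policy lives in `verdict`, so it can be tightened further (for example, rejecting when the VALIDSIG signing fingerprint differs from the primary, i.e. when a subkey was used) without touching the git invocation.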