Hi, Andrew Tropin <and...@trop.in> skribis:
>> Setting a pre-push hook that invokes ‘guix git authenticate’, as >> recommended in the manual (info "(guix) Commit Access"), should be >> enough: ‘git push’ would just fail in that situation. > > For some reason I thought it does git verify-commit, which I used > manually to check if commit is signed, but it does make authenticate, > which of course works the other way. Missed it, my bad. OK. > I have elaborated on this topic a little more in the manual. > > From e510ea1595c54bec788485f0638967d457afaf3d Mon Sep 17 00:00:00 2001 > From: Andrew Tropin <and...@trop.in> > Date: Mon, 5 Sep 2022 09:46:23 +0300 > Subject: [PATCH] doc: Add more info about commits signature local > verification. > > * doc/contributing.texi (Commit Access): Add more info about commits signature > local verification. It’s certainly an improvement, LGTM! > Let's ask savannah admins if it possible to install guix on those > machines and add pre-receive/update hook? If not, we will look for > other options. I’m busy these days so I’d rather not commit to starting a discussion on this, but I’d suggest testing waters on #savannah on IRC. Thanks, Ludo’.