Commit signing is a git feature, so git itself can be used to check your last
commits are signed:
git log --show-signature
This will look the same as git log if the commit is unsigned, and show the
result of gpg —verify otherwise. Red background if unverified (eg. you don't
have the public key
On Wed, 26 Oct 2022 19:07:40 -0500 jgart wrote:
> On Wed, 26 Oct 2022 09:07:57 +0200 Julien Lepiller wrote:
> What do you think if we have a CLI flag for git authenticate
I meant `guix authenticate` not `git authenticate` ;()
On Wed, 26 Oct 2022 09:07:57 +0200 Julien Lepiller wrote:
> It says fingerprint, so it's fingerprint. Using email or name would not be as
> secure.
>
> Le 26 octobre 2022 07:35:20 GMT+02:00, jgart a écrit :
> >On Wed, 26 Oct 2022 07:21:35 +0200 Julien Lepiller
> >wrote:
> >> From the manual:
It says fingerprint, so it's fingerprint. Using email or name would not be as
secure.
Le 26 octobre 2022 07:35:20 GMT+02:00, jgart a écrit :
>On Wed, 26 Oct 2022 07:21:35 +0200 Julien Lepiller wrote:
>> From the manual: "signer is the OpenPGP fingerprint of public key used to
>> sign commit.",
On Wed, 26 Oct 2022 07:21:35 +0200 Julien Lepiller wrote:
> From the manual: "signer is the OpenPGP fingerprint of public key used to
> sign commit.", but we should still catch this error :)
Is it possible to give the email instead of the fingerprint?
Deduce the fingerprint from the email?
From the manual: "signer is the OpenPGP fingerprint of public key used to sign
commit.", but we should still catch this error :)
Le 26 octobre 2022 04:33:50 GMT+02:00, jgart a écrit :
> guix git authenticate 95620d8845a75c9721876441e66bf28ba4a95eff jgart
>Backtrace:
> 11 (primitive-load
guix git authenticate 95620d8845a75c9721876441e66bf28ba4a95eff jgart
Backtrace:
11 (primitive-load "/home/jgart/.config/guix/current/bin/g…")
In guix/ui.scm:
2263:7 10 (run-guix . _)
2226:10 9 (run-guix-command _ . _)
In ice-9/boot-9.scm:
1752:10 8 (with-exception-handler _ _ #: