summaryrefslogtreecommitdiff
path: root/build-aux/git-authenticate.scm
AgeCommit message (Collapse)Author
2020-06-05Add (guix git-authenticate).Ludovic Courtès
* build-aux/git-authenticate.scm (commit-signing-key) (read-authorizations, commit-authorized-keys, authenticate-commit) (load-keyring-from-blob, load-keyring-from-reference) (authenticate-commits, authenticated-commit-cache-file) (previously-authenticated-commits, cache-authenticated-commit): Remove. * build-aux/git-authenticate.scm (git-authenticate): Pass #:default-authorizations to 'authenticate-commits'. * guix/git-authenticate.scm: New file, with code taken from 'build-aux/git-authenticate.scm'. Remove references to '%historical-authorized-signing-keys' and add #:default-authorizations parameter instead. * Makefile.am (MODULES): Add it. (authenticate): Depend on guix/git-authenticate.go.
2020-06-02git-authenticate: Rename '%committers' to '%historical-committers'.Ludovic Courtès
* build-aux/git-authenticate.scm (%committers): Rename to... (%historical-committers): ... this. (%authorized-signing-keys): Rename to... (%historical-authorized-signing-keys): ... this. (authenticate-commit): Adjust accordingly.
2020-05-07git-authenticate: Use the 'origin/keyring' branch by default.Ludovic Courtès
Previously one would need to have a worktree for the local 'keyring' branch. Reported by reepca and bricewge on #guix. * build-aux/git-authenticate.scm (load-keyring-from-reference): Use 'branch-lookup' instead of 'reference-lookup'. Add "origin/" to REFERENCE. (authenticate-commits): Have #:keyring-reference default to "keyring".
2020-05-04git-authenticate: Add missing import.Ludovic Courtès
* build-aux/git-authenticate.scm: Import (guix utils), used by the cache handling code and inadvertently removed in 041dc3a9c0694ada41b86115b9774a23c9d50f73.
2020-05-04git-authenticate: Load the keyring from the repository.Ludovic Courtès
* build-aux/git-authenticate.scm (load-keyring-from-blob) (load-keyring-from-reference): New procedures. (authenticate-commits): Add #:keyring-reference and use 'load-keyring-from-reference'.
2020-05-04git-authenticate: Load the list of authorized keys from the tree.Ludovic Courtès
* build-aux/git-authenticate.scm (read-authorizations) (commit-authorized-keys): New procedures. (authenticate-commit): Use it instead of %AUTHORIZED-SIGNING-KEYS.
2020-05-04git-authenticate: Use (guix openpgp).Ludovic Courtès
It can now authenticate 14K+ commits in 23s instead of 4mn20. * build-aux/git-authenticate.scm (%authorized-signing-keys): Turn fingerprints into bytevectors. (with-temporary-files): Remove. (commit-signing-key): Add 'keyring' parameter. Use 'string->openpgp-packet' and 'verify-openpgp-signature' instead of (guix gnupg) procedures. (authenticate-commit): Add 'keyring' parameter. Pass it to 'commit-signing-key'. Adjust to SIGNING-KEY being an <openpgp-public-key>. (authenticate-commits): Remove 'parameterize'. Load keyring with 'get-openpgp-keyring'. (git-authenticate): When printing stats, adjust to SIGNER being an <openpgp-public-key>.
2020-04-17gnupg: Accept revoked keys.Tobias Geerinckx-Rice
I (nckx) have revoked all RSA subkeys, in favour of my older and freshly-refreshed ECDSA ones. This was merely a precaution: to my knowledge all my RSA private keys have been carefully destroyed and were never compromised. This commit keeps ‘make authenticate’ happy. * guix/gnupg.scm (revkeysig-rx): New variable for revoked keys. (gnupg-verify): Parse it. (gnupg-status-good-signature?): Accept it as ‘good’ for our purposes. * build-aux/git-authenticate.scm (%committers): Clarify nckx's subkeys. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2020-03-28Update email address and Savannah handle for Amin Bandali.Amin Bandali
* .mailmap, gnu/local.mk, gnu/packages/emacs-xyz.scm, gnu/packages/emacs.scm, gnu/packages/fonts.scm, gnu/packages/fpga.scm, gnu/packages/lean.scm, gnu/packages/maths.scm, gnu/packages/pulseaudio.scm: Update my email address. * build-aux/git-authenticate.scm: Update my Savannah handle.
2020-03-09git-authenticate: Add roelj's new key.Ludovic Courtès
This is a followup to cc51c03ff867d4633505354819c6d88af88bf919. * build-aux/git-authenticate.scm (%committers): Add roelj's new key.
2020-02-26git-authenticate: Remove duplicate entry.Ludovic Courtès
* build-aux/git-authenticate.scm (%committers): Remove duplicate of snape.
2020-02-26git-authenticate: Add sub-key for thomasd.Ludovic Courtès
This is a followup to commit 7dc0f1d5a8c248addfcaadf76e45bf601bc51411, signed with sub-key "3D2C DA58 819C 08C2 A649 D43D 5C3B 064C 724A 5726". * build-aux/git-authenticate.scm (%committers): Provide fingerprint of subkey for thomasd.
2020-02-22git-authenticate: Store the sub-key fingerprint of mab.Ludovic Courtès
This is a followup to 76a8dc3ee289ac4f4b984a3d9d2dcb9d89c01eda, signed with this sub-key. * build-aux/git-authenticate.scm (%committers): Store the sub-key fingerprint of mab.
2020-02-13git-authenticate: Add niedzejkob to the list of committers.Ludovic Courtès
* build-aux/git-authenticate.scm (%committers): Add niedzejkob.
2020-02-11git-authenticate: Add mab to the list of committers.Ludovic Courtès
* build-aux/git-authenticate.scm (%committers): Add mab.
2020-01-27git-authenticate: Add roptat's new key.Ludovic Courtès
This is a followup to 2cbede5935eb6a40173bbdf30a9ad22bf7574c22. * build-aux/git-authenticate.scm (%committers): Add roptat's new key.
2020-01-17git-authenticate: Adjust atheia's key info.Ludovic Courtès
This is a followup to 05f8a143e437c0e55f118a0b2a191675a4b76ef1. * build-aux/git-authenticate.scm (%committers): Adjust atheia's key info.
2020-01-17git-authenticate: Add new key for atheia.Ludovic Courtès
* build-aux/git-authenticate.scm (%committers): Add atheia's 2nd key, as seen in commit df18ea6f275abaa160a8593accb29fd273d8fc13.
2020-01-08git-authenticate: Add daviwil to the list of committers.Ludovic Courtès
This is a followup to a587bb23b79eae5dd3fa3acb06d0b533c93fd562, first commit signed by daviwil. * build-aux/git-authenticate.scm (%committers): Add "daviwil".
2019-12-29git-authenticate: Add glv to the list of committers.Ludovic Courtès
This is a followup to 92fcf9856face3822ce827d7732c4b152f715f62, first commit signed by glv. * build-aux/git-authenticate.scm (%committers): Add glv.
2019-12-27git-authenticate: Keep a local cache of previously-authenticated commits.Ludovic Courtès
A list of already-authenticated commits is kept in ~/.cache/guix/authentication. This speeds up subsequent "make authenticate" invocations. * build-aux/git-authenticate.scm (authenticated-commit-cache-file) (previously-authenticated-commits, cache-authenticated-commit): New procedures. (git-authenticate): Define 'authenticated-commits' and pass it as a third argument to 'commit-difference'. Add call to 'cache-authenticated-commit'. Don't display signing stats when STATS is null.
2019-12-27Add 'build-aux/git-authenticate.scm'.Ludovic Courtès
* build-aux/git-authenticate.scm: New file. * Makefile.am (EXTRA_DIST): Add it. (commit_v1_0_1): New variable. (authenticate): New target.