bug#22883: Authenticating a Git checkout

Hello! So we sign Git commits, and now we want to authenticate Git checkouts. There’s a series of bad news. First, ‘git pull’ doesn’t do it for you, you have to pass ‘--verify’ and there’s no way to set it globally. Second, even if it did, it would be a shallow check: as Mike notes in

bug#22587: ‘guix edit’ & ‘M-x guix-edit' typo, rename, & mode change

Ludovic Courtès (2016-06-02 22:40 +0300) wrote: > Alex Kost skribis: > >> Ludovic Courtès (2016-04-20 18:31 +0300) wrote: > > [...] > > However, I think (1) the title should describe the bug, not the > solution, and (2) ‘guix edit’ does what it says IMO, even if it can > occasionally

bug#22883: Authenticating a Git checkout

On Fri, Jun 03, 2016 at 06:12:47PM +0200, Ludovic Courtès wrote: > Hello! > > So we sign Git commits, and now we want to authenticate Git checkouts. > There’s a series of bad news. > > First, ‘git pull’ doesn’t do it for you, you have to pass ‘--verify’ and > there’s no way to set it globally. S

bug#22883: Authenticating a Git checkout

Ludo: On Fri, Jun 03, 2016 at 18:12:47 +0200, Ludovic Courtès wrote: > First, ‘git pull’ doesn’t do it for you, you have to pass ‘--verify’ and > there’s no way to set it globally. That's unfortunate. Does your checkout scenario include a fresh clone? If so, a pull flag wouldn't help there. Leo