Re: [PATCHv2 3/6] verify-commit: scriptable commit signature verification

Jeff King venit, vidit, dixit 13.06.2014 13:50: > On Fri, Jun 13, 2014 at 01:45:58PM +0200, Michael J Gruber wrote: > >> I sneekily fix this in 6/6... I thought 3/6 is on next already, too late >> for a real v2. Otherwise I would put 6/6 before everything else. > > Ah, yeah, I assumed we were sti

Re: [PATCHv2 3/6] verify-commit: scriptable commit signature verification

On Fri, Jun 13, 2014 at 01:45:58PM +0200, Michael J Gruber wrote: > I sneekily fix this in 6/6... I thought 3/6 is on next already, too late > for a real v2. Otherwise I would put 6/6 before everything else. Ah, yeah, I assumed we were still re-rolling (and it looks like you're just on pu so far)

Re: [PATCHv2 3/6] verify-commit: scriptable commit signature verification

Jeff King venit, vidit, dixit 13.06.2014 13:19: > On Fri, Jun 13, 2014 at 12:42:45PM +0200, Michael J Gruber wrote: > >> + >> +free(signature_check.gpg_output); >> +free(signature_check.gpg_status); >> +free(signature_check.signer); >> +free(signature_check.key); >> +return sig

Re: [PATCHv2 3/6] verify-commit: scriptable commit signature verification

On Fri, Jun 13, 2014 at 12:42:45PM +0200, Michael J Gruber wrote: > + > + free(signature_check.gpg_output); > + free(signature_check.gpg_status); > + free(signature_check.signer); > + free(signature_check.key); > + return signature_check.result != 'G'; > +} How about .payload

[PATCHv2 3/6] verify-commit: scriptable commit signature verification

Commit signatures can be verified using "git show -s --show-signature" or the "%G?" pretty format and parsing the output, which is well suited for user inspection, but not for scripting. Provide a command "verify-commit" which is analogous to "verify-tag": It returns 0 for good signatures and non-