Age | Commit message (Collapse) | Author | |
---|---|---|---|
2017-03-05 | Fix regsig checking for subkey sigs in verify-commitsv0.14.0 | Matt Corallo | |
Rebased-From: bbd757940bcb0628df6f7a5bd1fb348cf2290502 | |||
2017-03-05 | Merge #9920: [0.14] Allow any subkey in verify-commits (BlueMatt) | Wladimir J. van der Laan | |
589cd63 Allow any subkey in verify-commits (Matt Corallo) Tree-SHA512: e3175273c648ed2d990ac931efae5e4bf3bd5ddce7b591f5e64a6831f3c029b252bc5d241dd8d3874467747c3ded87aa1fa334ff53d940cde32c22e584a2c4d0 | |||
2017-03-05 | Allow any subkey in verify-commits | Matt Corallo | |
2017-02-28 | Add Pieter's old signed commits to revsig-commits | Matt Corallo | |
Github-Pull: #9884 Rebased-From: a4b02f4275c3f35492bbdde27e9295497b919a52 | |||
2017-02-01 | Require merge commits merge branches on top of other merge commits | Matt Corallo | |
Specifically, require that the left branch (first restult of git show -s --format=format:%P) is a signed merge commit, instead of allowing either. This is fine for now, but might need to be relaxed in the future. Also fixes an out-of-file-descriptors issue by holding too many open FDs writing to /dev/null | |||
2016-09-11 | [copyright] add MIT license headers to .sh scripts where missing | isle2983 | |
Years are set according to 'git log' history | |||
2016-06-18 | Remove sipa's old revoked key from verify-commits | Peter Todd | |
Now that the trusted root is past all commits signed by that key we don't need it in the trusted-keys list, nor do we need to whitelist those commits in allow-revsig-commits | |||
2016-06-09 | Add README for verify-commits | Peter Todd | |
2016-05-21 | Remove keys that are no longer used for merging | Peter Todd | |
Also updated trusted git root to be right after gmaxwell's last merge. | |||
2016-05-21 | Remove pointless warning | Peter Todd | |
Any attacker who managed to make an evil commit that changed something in the contrib/verify-commits/ directory could just as easily remove the warning and/or modify it to not display the evil commits; telling the user to check those commits specifically misleads them into checking just those commits rather than the script itself. | |||
2016-05-21 | Make verify-commits path-independent | Matt Corallo | |
2016-05-21 | Make verify-commits POSIX-compliant | Matt Corallo | |
2016-04-21 | [contrib] verify-commits: Add MarcoFalke fingerprint | MarcoFalke | |
2015-11-13 | add jonasschnellis key to git-verify-commits trusted-keys | Jonas Schnelli | |
2015-11-06 | Use Pieter's signing subkey instead of his primary key | Matt Corallo | |
This commit is signed. | |||
2015-10-27 | Add Pieter's new PGP key to verify-commits/trusted-keys | Matt Corallo | |
2015-10-23 | Whitelist commits signed with Pieter's now-revoked key | Matt Corallo | |
2015-10-22 | Fix pre-push-hook regexes | Matt Corallo | |
2015-09-14 | Update trusted-git-root to the most recent unsigned commit | Matt Corallo | |
2014-12-20 | Add script to verify all merge commits are signed | Matt Corallo | |