aboutsummaryrefslogtreecommitdiff
path: root/contrib/verify-commits
AgeCommit message (Collapse)Author
2017-11-09Merge #10771: Remove unused variables in shell scriptsWladimir J. van der Laan
ab8e8b9 Remove unused variables in shell scripts. (practicalswift) Pull request description: Remove unused variables in shell scripts. Use `_` where we don't care about the result. Tree-SHA512: 35049e79ee432c805f061456c32902a92811b5214d50ce6770b22d1442cc5999ed53cfe05bb2347f6995ca33c707a0f3fe92d5829c0385c4a3e254953924cbc4
2017-10-20[verify-commits] Allow revoked keys to expireMatt Corallo
2017-10-09Remove accidental stray semicolonpracticalswift
2017-08-09Remove unused variables in shell scripts.practicalswift
2017-03-09Update trusted-sha512-root-commit for new bad tree hashMatt Corallo
2017-03-09If GNU sha512sum is missing, try perl shasum in verify-commitsMatt Corallo
2017-03-09Make verify-commits.sh non-recursiveMatt Corallo
2017-03-06Fix bashisms in verify-commits and always check top commit's treeMatt Corallo
2017-03-06Check gpg version before setting --weak-digestMatt Corallo
2017-03-05Fix regsig checking for subkey sigs in verify-commitsMatt Corallo
2017-03-04Allow any subkey in verify-commitsMatt Corallo
2017-03-04Add comment re: why SHA1 is disabledPeter Todd
2017-03-04Verify Tree-SHA512s in merge commits, enforce sigs are not SHA1Matt Corallo
2017-02-27Add Pieter's old signed commits to revsig-commitsMatt Corallo
2017-02-01Require merge commits merge branches on top of other merge commitsMatt Corallo
Specifically, require that the left branch (first restult of git show -s --format=format:%P) is a signed merge commit, instead of allowing either. This is fine for now, but might need to be relaxed in the future. Also fixes an out-of-file-descriptors issue by holding too many open FDs writing to /dev/null
2016-09-11[copyright] add MIT license headers to .sh scripts where missingisle2983
Years are set according to 'git log' history
2016-06-18Remove sipa's old revoked key from verify-commitsPeter Todd
Now that the trusted root is past all commits signed by that key we don't need it in the trusted-keys list, nor do we need to whitelist those commits in allow-revsig-commits
2016-06-09Add README for verify-commitsPeter Todd
2016-05-21Remove keys that are no longer used for mergingPeter Todd
Also updated trusted git root to be right after gmaxwell's last merge.
2016-05-21Remove pointless warningPeter Todd
Any attacker who managed to make an evil commit that changed something in the contrib/verify-commits/ directory could just as easily remove the warning and/or modify it to not display the evil commits; telling the user to check those commits specifically misleads them into checking just those commits rather than the script itself.
2016-05-21Make verify-commits path-independentMatt Corallo
2016-05-21Make verify-commits POSIX-compliantMatt Corallo
2016-04-21[contrib] verify-commits: Add MarcoFalke fingerprintMarcoFalke
2015-11-13add jonasschnellis key to git-verify-commits trusted-keysJonas Schnelli
2015-11-06Use Pieter's signing subkey instead of his primary keyMatt Corallo
This commit is signed.
2015-10-27Add Pieter's new PGP key to verify-commits/trusted-keysMatt Corallo
2015-10-23Whitelist commits signed with Pieter's now-revoked keyMatt Corallo
2015-10-22Fix pre-push-hook regexesMatt Corallo
2015-09-14Update trusted-git-root to the most recent unsigned commitMatt Corallo
2014-12-20Add script to verify all merge commits are signedMatt Corallo