Issue #2261: Hook Request: Allow only cryptographically-signed patches - pagure

pagure

#2261 Hook Request: Allow only cryptographically-signed patches

Opened 6 years ago by sgallagh. Modified a year ago

Currently, there is a hook that allows only "Signed-off by" commits into a Pagure repository. It would be highly desirable to have the option to mark a repository as requiring the commits to be properly signed with a GPG key, which provides a much higher level of assurance.

The hook should confirm that the signature matches a key that can be downloaded from a public keyserver and matches the email of either the author or the committer.

Metadata Update from @pingou:
- Issue tagged with: RFE, hook

6 years ago

Metadata Update from @wombelix:
- Issue set to the milestone: 6.0

a year ago

Metadata

Assignee

None

Tags

Blocking

None

Depending on

None

Priority

None

Milestone

6.0

pagure

Source Code

Documentation

#2261 Hook Request: Allow only cryptographically-signed patches Opened 6 years ago by sgallagh. Modified a year ago

Close issue as:

Metadata

hook RFE

#2261 Hook Request: Allow only cryptographically-signed patches

Opened 6 years ago by sgallagh. Modified a year ago