Learn more about these different git repos.
Other Git URLs
Currently, there is a hook that allows only "Signed-off by" commits into a Pagure repository. It would be highly desirable to have the option to mark a repository as requiring the commits to be properly signed with a GPG key, which provides a much higher level of assurance.
The hook should confirm that the signature matches a key that can be downloaded from a public keyserver and matches the email of either the author or the committer.
Metadata Update from @pingou: - Issue tagged with: RFE, hook
Metadata Update from @wombelix: - Issue set to the milestone: 6.0
Login to comment on this ticket.