Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 913390 - git-r3.eclass: add verify-sig.eclass-style functionality, a la Portage's git repository support
Summary: git-r3.eclass: add verify-sig.eclass-style functionality, a la Portage's git ...
Status: CONFIRMED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Eclasses (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Michał Górny
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2023-09-01 02:35 UTC by Sam James
Modified: 2024-06-01 23:37 UTC (History)
3 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Sam James archtester Gentoo Infrastructure gentoo-dev Security 2023-09-01 02:35:16 UTC 
Portage currently runs `git log" -n1 --pretty=format:%G? HEAD` (roughly) to figure out if a repository's top commit is signed.

This works w/ gemato setting up a gnupg env with the expected keyring, exporting that to git, then checking the result.

We should do this for git-r3.eclass - it'd be nice in cases like sys-apps/portage's live ebuild, where we could use sec-keys/openpgp-keys-gentoo-developers.