nix/2.home-manager
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

git: support alternate signing methods (#5516)

Browse source 
The Git module now supports SSH and X.509 signing in addition to
OpenPGP/GnuPG, via setting the `programs.git.signing.format` option.
It defaults to `openpgp` for now as a backwards compatibility measure,
but I feel like we shouldn't enforce GPG as the default on everyone,
especially for people who use SSH signing like me.

Accordingly, `programs.git.signing.gpgPath` has been renamed to
`programs.git.signing.signer`, as now the signer binary is not
restricted to GnuPG. Users should only get a warning and everything
should continue to work.

Fixes #4221, supersedes #4235

Co-authored-by: Mario Rodas <marsam@users.noreply.github.com>
Co-authored-by: Sumner Evans <me@sumnerevans.com>
Co-authored-by: Leah Amelia Chen <hi@pluie.me>
This commit is contained in:
Sizhe Zhao 2025-02-15 02:47:27 +08:00 committed by GitHub
parent 5031c6d297
commit 7da01bc47a
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
19 changed files with 201 additions and 45 deletions
Download patch file Download diff file Expand all files Collapse all files

3
tests/modules/programs/git/git.nix
View file

@ -52,7 +52,8 @@ in {
}
];
signing = {
gpgPath = "path-to-gpg";
signer = "path-to-gpg";
format = "openpgp";
key = "00112233445566778899AABBCCDDEEFF";
signByDefault = true;
};