[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
01/01: etc: The pre-push hook says which commits failed the signature ch
|
From: |
www-data |
|
Subject: |
01/01: etc: The pre-push hook says which commits failed the signature check. |
|
Date: |
Wed, 8 Feb 2017 02:36:37 -0500 (EST) |
www-data pushed a commit to branch master
in repository guix.
commit f0d0c5bb188455e0b82ee3089ba103ef71877c87
Author: Leo Famulari <address@hidden>
Date: Mon Jan 23 00:57:46 2017 -0500
etc: The pre-push hook says which commits failed the signature check.
* etc/git/pre-push: Check each commit's signature individually so that
we can report which commits fail the check.
---
etc/git/pre-push | 22 +++++++++++++++++-----
1 file changed, 17 insertions(+), 5 deletions(-)
diff --git a/etc/git/pre-push b/etc/git/pre-push
index c894c5a..9206a2d 100755
--- a/etc/git/pre-push
+++ b/etc/git/pre-push
@@ -40,17 +40,29 @@ do
else
if [ "$remote_sha" = $z40 ]
then
- # New branch, examine all commits
- range="$local_sha"
+ # We are pushing a new branch. To prevent wasting too
+ # much time for this relatively rare case, we examine
+ # all commits since the first signed commit, rather than
+ # the full history. This check *will* fail, and the user
+ # will need to temporarily disable the hook to push the
+ # new branch.
+
range="e3d0fcbf7e55e8cbe8d0a1c5a24d73f341d7243b..$local_sha"
else
# Update to existing branch, examine new commits
range="$remote_sha..$local_sha"
fi
# Verify the signatures of all commits being pushed.
- git verify-commit $(git rev-list $range) >/dev/null 2>&1
-
- exit $?
+ ret=0
+ for commit in $(git rev-list $range)
+ do
+ if ! git verify-commit $commit >/dev/null 2>&1
+ then
+ printf "%s failed signature check\n" $commit
+ ret=1
+ fi
+ done
+ exit $ret
fi
done