This is included portably.

Reminded by naddy and stsp; it was missing a cast to unsigned char to prevent issues on archs with signed chars and was too broad anyway. While here, drop an extra check immediately after. ok stsp@

Don't rely on implicit/"hidden" includes, but rather add them to the header file so their inclusion doesn't result in missing values. Although not explicitly a functional change, this does help -portable. This ensures size_t/time_t are always present. OK @jrick

spotted by op@

This is included portably.

Add support for upstream's tag signing commits, but adding the relevant files to autotools, and making those portable-compatible.

This adds a new -s flag to 'got tag' that specifies the signer identity (for example, a key file) of the tagger. The tag object will include a signature that validates each of the tag object headers and the tag message. Verifying these signed tags requires maintaining an allowed signers file which maps signer identities (i.e. the email address of the tagger) to SSH public keys. See ssh-keygen(1) for more details of the allowed signers file. After creating this file and providing the path to it in got.conf(5) using the allowed_signers option, tags may be verified using with 'got tag -V tag_name'. The return code will be non-zero if a signature fails to verify. ok stsp@

exist on MacOS, for instance. Since we we're passing in 0 to pipe2(), this mean no fcntl() flags were being sent. As such, it's the same syscall as pipe() which also has the added benefit that it's more portable. committing on behalf of thomas with my ok