Commit Briefs
create and verify tags signed by SSH keys
This adds a new -s flag to 'got tag' that specifies the signer identity (for example, a key file) of the tagger. The tag object will include a signature that validates each of the tag object headers and the tag message. Verifying these signed tags requires maintaining an allowed signers file which maps signer identities (i.e. the email address of the tagger) to SSH public keys. See ssh-keygen(1) for more details of the allowed signers file. After creating this file and providing the path to it in got.conf(5) using the allowed_signers option, tags may be verified using with 'got tag -V tag_name'. The return code will be non-zero if a signature fails to verify. ok stsp@
provide separate send {} and fetch {} configuration blocks in got.conf
Feature requested by naddy. ok naddy, who also suggested some tweaks that will arrive shortly
add send and fetch plumbing to parser for got.conf
This is the beginning of support for naddy's suggestion to break this out similar to git. More code to come from stsp. ok stsp@
add a 'reference' directive to remote repositories in got.conf(5)
Make use of this in 'got clone' to persist -R option arguments given on the command line in the cloned repository's got.conf(5) file.
add a 'fetch-all-branches' configuration setting to got.conf(5)
Set fetch-all-branches in the got.conf(5) file created by 'got clone -a' in order to make a future 'got fetch' act like 'got fetch -a' by default.
add got.conf(5) configuration file
ok tracey