Documentation: clarify signature verification

Clarify that "merge --verify-signatures" checks the signature on the
tip commit of the history being merged.

Uniformise the vocabulary used wrt. key/signature validity with OpenPGP:
- a signature is valid if made by a key with a valid uid;
- in the default trust-model, a uid is valid if signed by a trusted key;
- a key is trusted if the (local) user set a trust level for it.

Helped-by: Junio C Hamano <gitster@pobox.com>
Signed-off-by: Keller Fuchs   <KellerFuchs@hashbang.sh>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
This commit is contained in:
Keller Fuchs 2016-05-13 09:51:01 +00:00 committed by Junio C Hamano
parent 90f7b16b3a
commit 05a5869a01
2 changed files with 7 additions and 4 deletions

View File

@ -89,8 +89,11 @@ option can be used to override --squash.
--verify-signatures::
--no-verify-signatures::
Verify that the commits being merged have good and trusted GPG signatures
and abort the merge in case they do not.
Verify that the tip commit of the side branch being merged is
signed with a valid key, i.e. a key that has a valid uid: in the
default trust model, this means the signing key has been signed by
a trusted key. If the tip commit of the side branch is not signed
with a valid key, the merge is aborted.
--summary::
--no-summary::

View File

@ -143,8 +143,8 @@ ifndef::git-rev-list[]
- '%N': commit notes
endif::git-rev-list[]
- '%GG': raw verification message from GPG for a signed commit
- '%G?': show "G" for a Good signature, "B" for a Bad signature, "U" for a good,
untrusted signature and "N" for no signature
- '%G?': show "G" for a good (valid) signature, "B" for a bad signature,
"U" for a good signature with unknown validity and "N" for no signature
- '%GS': show the name of the signer for a signed commit
- '%GK': show the key used to sign a signed commit
- '%gD': reflog selector, e.g., `refs/stash@{1}`