d07b00b7f3
Commit signatures can be verified using "git show -s --show-signature" or the "%G?" pretty format and parsing the output, which is well suited for user inspection, but not for scripting. Provide a command "verify-commit" which is analogous to "verify-tag": It returns 0 for good signatures and non-zero otherwise, has the gpg output on stderr and (optionally) the commit object on stdout, sans the signature, just like "verify-tag" does. Signed-off-by: Michael J Gruber <git@drmicha.warpmail.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
29 lines
444 B
Plaintext
29 lines
444 B
Plaintext
git-verify-commit(1)
|
|
====================
|
|
|
|
NAME
|
|
----
|
|
git-verify-commit - Check the GPG signature of commits
|
|
|
|
SYNOPSIS
|
|
--------
|
|
[verse]
|
|
'git verify-commit' <commit>...
|
|
|
|
DESCRIPTION
|
|
-----------
|
|
Validates the gpg signature created by 'git commit -S'.
|
|
|
|
OPTIONS
|
|
-------
|
|
-v::
|
|
--verbose::
|
|
Print the contents of the commit object before validating it.
|
|
|
|
<commit>...::
|
|
SHA-1 identifiers of Git commit objects.
|
|
|
|
GIT
|
|
---
|
|
Part of the linkgit:git[1] suite
|