tangled.org / core
Monorepo for Tangled โ€” https://tangled.org
fork atom

feat: sign-off web based commits (i.e.: pulls) #321

open
opened by shi.gg

GitHub automatically verifies commits that were made through their web GUI, and I think that tangled should do that too.

Example, I created this commit (click) via a patch (click)

andreijiroh.dev

GitHub uses GPG for signing web-based commits, but since OpenSSH keys are way more preferred here maybe I think that should be configurable at knotserver level with KNOT_GIT_WEB_SSH_KEY_PATH and optionally KNOT_GOT_WEB_SSH_KEY_PASSWORD.

I am also thinking about those Signed-off-by commit trailers, but that's out of scope for this one.

sign up or login to add to the discussion
Labels

None yet.

area

None yet.

assignee

None yet.

Participants 2
AT URI
at://did:plc:irs2tcoeuvuwj3m4yampbuco/sh.tangled.repo.issue/3m76trywwbg22