Implementation of the rest of the gpg signing support #2728
Conversation
Now it is actually possible to set GPG as the main backend and have jj "preserving" signatures on rewrites. Just no way to make signatures yet
Cannot make it accept multiple revisions easily, that'd have to be done with a rebaser
Add it to default templates as well, it only shows anything when there's a signature.
|
huh codespell actually caught something, cool |
ff42130 to
682eb69
Compare
|
Huuuuuh, gpg is not only present on the windows worker, but even works (in a sense that jj successfully calls the command, so a build off this PR should work on windows) - only thing breaking seems to be how I import the test keys - idk how to fix, and I've no windows machine And it did work on mac too |
682eb69 to
77b21fd
Compare
|
|
||
| impl SigningBackend for GpgBackend { | ||
| fn name(&self) -> &str { | ||
| "GPG" |
There was a problem hiding this comment.
nit: maybe better to stick to lowercase "gpg"? I expect config key would be lowercase (with dash or underscore.)
There was a problem hiding this comment.
Agreed. Resolved in #3007
| // in the output from --status-fd=1 | ||
| // Assume signature is invalid if none of the above was found | ||
| output | ||
| .split(|&b| b == b'\n') |
There was a problem hiding this comment.
Perhaps, this text parsing part can be split to function, and added test for that.
| signature_file.path().as_os_str(), /* the only reason we have those .as_refs | ||
| * transmuting to &OsStr everywhere.. */ | ||
| "-".as_ref(), | ||
| ], |
There was a problem hiding this comment.
Maybe run() could be split to two functions? If the first half returned a Command object, we don't have to build a slice of a certain type.
| .prefix("jj-test-") | ||
| .tempdir() | ||
| .unwrap() | ||
| .into_path(); |
There was a problem hiding this comment.
Maybe you know, but this temporary directory isn't removed at exit.
There was a problem hiding this comment.
The tempfile crate implements the Drop trait which cleans up the file. This should be fine!
There was a problem hiding this comment.
It's static object, so Drop won't be called afaik.
| force: bool, | ||
| /// Drop the signature, explicitly "un-signing" the commit. | ||
| #[arg(long, short = 'D', conflicts_with = "force")] | ||
| drop: bool, |
There was a problem hiding this comment.
nit: might be better to make sign --drop a separate command. jj tends to have create/delete/set/get/list verbs as subcommands.
|
I started work on adding an ssh backend - initial wip implementation based on the GpgBackend can be found here: julienvincent@eb623e6 This commit was created and signed by that commit! I love that haha. |
|
A comment I have after using this - I don't think commands like
Git only performs signature validation when the I'll make this change on my branch unless someone objects. |
Well then it'll show
I thought about it, but it didn't seem that bad, and it's only there if you enable signing, again
We could remove it from the default template and add docs that show how to get it back if someone wants them (also check out Also okay performance issue makes sense for log, but what's wrong with show? It's just a single commit then |
|
Superseded by #3007 and it's followups |
So I've been using this stack locally for a while and I'm very happy with it, but I couldn't find it in me (at least for a little while at the moment) to actually finish it, and the only thing that has to be done here is just more tests 🤷
And well also I just noticed the changelog checkbox, changelog too
And also SSH impl, I was focused on GPG, but an SSH impl should be trivial at this point (cc @chriskrycho)
I'm just pushing this just so that it's not only on my machine, and maybe for someone to take it and make the final push to have it in main (maybe me after a few months) - every commit is independent and can be cherry-picked (hm, except I think in the templater one I touch some stuff in the signer, could conflict a little, eh)
Also the GPG impl commit has those weird tests that need a gpg binary in path which I'm 95% certain will fail on windows/mac, and maybe on linux too 🙃
Checklist
If applicable:
CHANGELOG.md