diff options
| author | Dave Borowitz <dborowitz@google.com> | 2015-08-19 11:26:46 -0400 |
|---|---|---|
| committer | Junio C Hamano <gitster@pobox.com> | 2015-08-19 12:58:45 -0700 |
| commit | 30261094b1f7fdcba3b7a1f396e43891cd998149 (patch) | |
| tree | 1ad9cc07d3c3dc5fb1a07c878be7f9b0fe2d4dde /Documentation/git-push.txt | |
| parent | 068c77a5189584de2a8d9c2ad29e2370159444ae (diff) | |
| download | git-30261094b1f7fdcba3b7a1f396e43891cd998149.tar.gz | |
push: support signing pushes iff the server supports it
Add a new flag --sign=true (or --sign=false), which means the same
thing as the original --signed (or --no-signed). Give it a third
value --sign=if-asked to tell push and send-pack to send a push
certificate if and only if the server advertised a push cert nonce.
If not, warn the user that their push may not be as secure as they
thought.
Signed-off-by: Dave Borowitz <dborowitz@google.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'Documentation/git-push.txt')
| -rw-r--r-- | Documentation/git-push.txt | 17 |
1 files changed, 10 insertions, 7 deletions
diff --git a/Documentation/git-push.txt b/Documentation/git-push.txt index da0a98d58c..1495e3416c 100644 --- a/Documentation/git-push.txt +++ b/Documentation/git-push.txt @@ -11,7 +11,8 @@ SYNOPSIS [verse] 'git push' [--all | --mirror | --tags] [--follow-tags] [--atomic] [-n | --dry-run] [--receive-pack=<git-receive-pack>] [--repo=<repository>] [-f | --force] [--prune] [-v | --verbose] - [-u | --set-upstream] [--signed] + [-u | --set-upstream] + [--[no-]signed|--sign=(true|false|if-asked)] [--force-with-lease[=<refname>[:<expect>]]] [--no-verify] [<repository> [<refspec>...]] @@ -132,14 +133,16 @@ already exists on the remote side. with configuration variable 'push.followTags'. For more information, see 'push.followTags' in linkgit:git-config[1]. - ---signed:: +--[no-]signed:: +--sign=(true|false|if-asked):: GPG-sign the push request to update refs on the receiving side, to allow it to be checked by the hooks and/or be - logged. See linkgit:git-receive-pack[1] for the details - on the receiving end. If the attempt to sign with `gpg` fails, - or if the server does not support signed pushes, the push will - fail. + logged. If `false` or `--no-signed`, no signing will be + attempted. If `true` or `--signed`, the push will fail if the + server does not support signed pushes. If set to `if-asked`, + sign if and only if the server supports signed pushes. The push + will also fail if the actual call to `gpg --sign` fails. See + linkgit:git-receive-pack[1] for the details on the receiving end. --[no-]atomic:: Use an atomic transaction on the remote side if available. |