0
0
Fork 0
mirror of https://github.com/go-gitea/gitea synced 2024-11-13 21:41:16 +01:00
Commit graph

7 commits

Author SHA1 Message Date
qwerty287
5754080eb9
Fix various typos of software names (#18083)
* `git` -> `Git`
* `Github` and `github` -> `GitHub`
* `crowdin` -> `Crowdin`
* `git-lfs` -> `Git LFS`
* `githooks`, `git hooks`, `git-hooks` -> `Git Hooks`
* `discord` -> `Discord`
* `2fa` -> `2FA`
* `gitlab` and `Gitlab` -> `GitLab`
* `web hook` -> `webhook`
* `linux` -> `Linux`
* `sqlite` -> `SQLite`
* `MYSQL` and `mysql` -> `MySQL`
* rename refs to `master` branch -> `main`
* Fix English grammar
2021-12-24 11:56:57 +08:00
qwerty287
b1df890951
Docs: replace gitea with Gitea (#17838)
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-11-28 21:28:30 +08:00
firesoft-de
af2adb4e35
Specify relation between multiple signing options (#15496) 2021-04-15 18:06:32 +02:00
Patrick Schratz
af79677a44
Reformat docs (#13897)
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-12-09 07:47:06 +01:00
John Olheiser
dc822d5291
Re-order GPG signing docs and fix code blocks (#10349)
* Move chunk and format

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* word

Signed-off-by: jolheiser <john.olheiser@gmail.com>
2020-02-19 02:23:45 +01:00
zeripath
3abe17f9e0
Sign protected branches (#8993)
* Move SignMerge to PullRequest

* Add approved signing mode

* As per @guillep2k comment
2019-12-15 11:06:31 +00:00
zeripath
fcb535c5c3
Sign merges, CRUD, Wiki and Repository initialisation with gpg key (#7631)
This PR fixes #7598 by providing a configurable way of signing commits across the Gitea instance. Per repository configurability and import/generation of trusted secure keys is not provided by this PR - from a security PoV that's probably impossible to do properly. Similarly web-signing, that is asking the user to sign something, is not implemented - this could be done at a later stage however.

## Features
- [x] If commit.gpgsign is set in .gitconfig sign commits and files created through repofiles. (merges should already have been signed.)
- [x] Verify commits signed with the default gpg as valid
- [x] Signer, Committer and Author can all be different
    - [x] Allow signer to be arbitrarily different - We still require the key to have an activated email on Gitea. A more complete implementation would be to use a keyserver and mark external-or-unactivated with an "unknown" trust level icon.
- [x] Add a signing-key.gpg endpoint to get the default gpg pub key if available
    - Rather than add a fake web-flow user I've added this as an endpoint on /api/v1/signing-key.gpg
    - [x] Try to match the default key with a user on gitea - this is done at verification time
- [x] Make things configurable?
    - app.ini configuration done
    - [x] when checking commits are signed need to check if they're actually verifiable too
- [x] Add documentation

I have decided that adjusting the docker to create a default gpg key is not the correct thing to do and therefore have not implemented this.
2019-10-16 14:42:42 +01:00