The previous recommendation, running ‘make authenticate’, was insecure
because it led users to run code from the very repository they want to
authenticate:
https://lists.gnu.org/archive/html/guix-devel/2024-04/msg00252.html
* Makefile.am (commit_v1_0_0, channel_intro_commit)
(channel_intro_signer, GUIX_GIT_KEYRING, authenticate): Remove.
* Makefile.am (.git/hooks/%): New target, generalization of previous
‘.git/hooks/pre-push’ target.
(nodist_noinst_DATA): Add ‘.git/hooks/post-merge’.
* doc/contributing.texi (Building from Git): Suggest ‘guix git
authenticate’ instead of ‘make authenticate’.
* etc/git/post-merge: New file.
* etc/git/pre-push: Run ‘guix git authenticate’ instead of ‘make
authenticate’.
Reviewed-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Reported-by: Skyler Ferris <skyvine@protonmail.com>
Change-Id: Ia415aa8375013d0dd095e891116f6ce841d93efd
Also use --3way to ease conflict resolutions.
* etc/git/gitconfig [b4]: Add shazam-am-flags option.
Change-Id: I6a92909a5b23a8680c16251aafa084b9a48944ea
* doc/contributing.texi (Contributing) [Reviewing the Work of Others]: New
section.
(Debbugs Usertags): Expound with Emacs Debbugs information and document the
'reviewed-looks-good' usertag.
* etc/git/gitconfig [b4]: New section.
Change-Id: I56630b15ec4fbc5c67e5420dbf2838556a005d6b
Reviewed-by: Ludovic Courtès <ludo@gnu.org>
Partially implements <https://issues.guix.gnu.org/66027>.
This will make it possible to track a merged commit back to its original
posting on the mailing list, and open the door to new opportunities such as
closing fully merged series automatically.
* Makefile.am (COMMIT_MSG_MAGIC): New variable.
(.git/hooks/commit-msg): New target.
* etc/git/commit-msg: New file.
* doc/contributing.texi (Configuring Git): Document Change-Id.
Series-changes: 3
- Clarify documentation text, as suggested by Simon
Change-Id: Ia92fa958eae600fdd4e180bad494c85db8bb4dd6
Reviewed-by: Simon Tournier <zimon.toutoune@gmail.com>
This change was more invasive than initially thought, and cannot be disabled
easily, as raised by a few people. Let's revert it for now. At least the
pre-push hook should be deployed automatically and catch any unsigned commits
attempted to be pushed to Savannah.
* etc/git/gitconfig [commit]: Remove section.
This means we do not need to worry anymore about manually syncing the pre-push
git hook or the Guix-provided git configuration.
* etc/git/gitconfig: Augment configuration template with useful options to
allow for auto-configuration.
* Makefile.am (.git/hooks/pre-push, .git/config): New targets.
(nodist_noinst_DATA): New primary variable holding the above targets.
This is a follow-up to commit 9fc8ae4171, which
missed two hunks from <https://issues.guix.gnu.org/50363>.
Reported by hackeryarn on #guix.
* .gitattributes, etc/git/gitconfig: New files.
Signed-off-by: Marius Bakke <marius@gnu.org>