guix-commits
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

04/04: maint: Git pre-push hook runs "make authenticate check-channel-ne

From: guix-commits
Subject: 04/04: maint: Git pre-push hook runs "make authenticate check-channel-news".
Date: Fri, 29 May 2020 12:32:42 -0400 (EDT) 
civodul pushed a commit to branch master
in repository guix.

commit e65a44649e8d7698c4a888f1de625a67052520e9
Author: Ludovic Courtès <ludo@gnu.org>
AuthorDate: Fri May 29 18:19:07 2020 +0200

    maint: Git pre-push hook runs "make authenticate check-channel-news".
    
    * etc/git/pre-push: Change to run "make authenticate check-channel-news".
---
 etc/git/pre-push | 49 +++++--------------------------------------------
 1 file changed, 5 insertions(+), 44 deletions(-)

diff --git a/etc/git/pre-push b/etc/git/pre-push
index 9206a2d..59294f0 100755
--- a/etc/git/pre-push
+++ b/etc/git/pre-push
@@ -1,7 +1,6 @@
 #!/bin/sh
 
-# This hook script prevents the user from pushing to Savannah if any of the new
-# commits' OpenPGP signatures cannot be verified.
+# A hook script that prevents the user from pushing unsigned commits.
 
 # Called by "git push" after it has checked the remote status, but before
 # anything has been pushed.  If this script exits with a non-zero status 
nothing
@@ -19,51 +18,13 @@
 #
 #   <local ref> <local sha1> <remote ref> <remote sha1>
 
-z40=0000000000000000000000000000000000000000
-
 # Only use the hook when pushing to Savannah.
 case "$2" in
-*git.sv.gnu.org*)
-       break
+    *.gnu.org*)
+       exec make authenticate check-channel-news
+       exit 127
        ;;
-*)
+    *)
        exit 0
        ;;
 esac
-
-while read local_ref local_sha remote_ref remote_sha
-do
-       if [ "$local_sha" = $z40 ]
-       then
-               # Handle delete
-               :
-       else
-               if [ "$remote_sha" = $z40 ]
-               then
-                       # We are pushing a new branch. To prevent wasting too
-                       # much time for this relatively rare case, we examine
-                       # all commits since the first signed commit, rather than
-                       # the full history. This check *will* fail, and the user
-                       # will need to temporarily disable the hook to push the
-                       # new branch.
-                       
range="e3d0fcbf7e55e8cbe8d0a1c5a24d73f341d7243b..$local_sha"
-               else
-                       # Update to existing branch, examine new commits
-                       range="$remote_sha..$local_sha"
-               fi
-
-               # Verify the signatures of all commits being pushed.
-               ret=0
-               for commit in $(git rev-list $range)
-               do
-                       if ! git verify-commit $commit >/dev/null 2>&1
-                       then
-                               printf "%s failed signature check\n" $commit
-                               ret=1
-                       fi
-               done
-               exit $ret
-       fi
-done
-
-exit 0
reply via email to
[Prev in Thread] Current Thread [Next in Thread]