On Tue, Jun 14, 2016 at 10:41:38AM +0200, Alexander Berntsen wrote:
> Friends,
> I saw Brian asking Michał to OpenPGP-sign his commits in IRC, to which
> Michał quipped that we would have if it were enforced. So perhaps we
> should just enforce it. Most of us do it -- but I see Zac not doing it
> sometimes, seemingly at random. In any event, I don't think there's a
> good reason *not* to sign things.
> What do you think? And what's the procedure/who do we talk to, to get
> a pre-push hook set up to enforce it?
A pre-push hook would only do it locally for you, it wouldn't enforce it
on the server side.

Please file a bug to have infra turn it on for the repos you want
(specify them in the bug). 

Here's the actual hook that's used:
Note that it only verifies on the master branch, and for merges, only
the merge-commit onto master is verified.

Robin Hugh Johnson
Gentoo Linux: Dev, Infra Lead, Foundation Trustee & Treasurer
E-Mail   : robb...@gentoo.org
GnuPG FP : 11ACBA4F 4778E3F6 E4EDF38E B27B944E 34884E85
GnuPG FP : 7D0B3CEB E9B85B1F 825BCECF EE05E6F6 A48F6136

Reply via email to