Age | Commit message (Collapse) | Author | |
---|---|---|---|
2017-10-05 | Invalidate GpgSignatures associated to GpgKeySubkeys when revoking the GpgKey | Rubén Dávila | |
2017-10-05 | Fix some broken specs | Rubén Dávila | |
2017-10-05 | Address feedback from last code review | Rubén Dávila | |
2017-10-05 | Remove unused association | Rubén Dávila | |
2017-10-05 | Render GPG subkeys on index page | Rubén Dávila | |
2017-10-05 | Associate GgpSignature with GpgKeySubkey if comes from a subkey | Rubén Dávila | |
Additionally we're delegating missing method calls on GpgKeySubkey to GpgKey since most of the info required when verifying a signature is found on GpgKey which is the parent of GpgKeySubkey | |||
2017-10-05 | Add ability to include subkeys when finding by fingerprint | Rubén Dávila | |
2017-10-05 | Refactor the extraction and generation of GPG subkeys | Rubén Dávila | |
2017-10-05 | Use a separate model to handle GPG subkeys | Rubén Dávila | |
2017-10-05 | Delegate #key to parent when working with a GPG subkey | Rubén Dávila | |
The content returned by #key is important when veryfying the signature, so given we don't want to repeat it in the database for GPG subkeys we need to delegate it to the parent. | |||
2017-10-05 | Process and create subkeys when a new GPG key is created | Rubén Dávila | |
2017-09-29 | Make GPG validation case insensitive. | Tim Bishop | |
In line with other changes in GitLab, make email address validation properly case insensitive. The email address in the commit may be in any case, so it needs downcasing to match the address stored in GitLab for the user. Without this change the comparison fails and commits are not marked as verified. See #37009. | |||
2017-09-15 | created services for keys | haseeb | |
2017-09-05 | use new #verification_status | Alexis Reigel | |
2017-09-05 | use User#verified_email? for gpg key verification | Alexis Reigel | |
2017-09-05 | simplify check for verified email in collection | Alexis Reigel | |
2017-09-05 | match the committer's email against the gpg key | Alexis Reigel | |
the updated verification of a gpg signature requires the committer's email to also match the user's and the key's emails. | |||
2017-07-27 | improve gpg key validation | Alexis Reigel | |
when omitting the end part of the key ('-----END PGP PUBLIC KEY BLOCK-----') the error message was not about the key anymore, but about the missing fingerprint and primary_keyid, which was confusing for the user. the new validation checks that the end also matches the expected format. | |||
2017-07-27 | update all records at once using `update_all` | Alexis Reigel | |
2017-07-27 | simplify nil handling | Alexis Reigel | |
2017-07-27 | upcase in the model instead of in the view | Alexis Reigel | |
2017-07-27 | use db's on_delete instead of has_many :dependent | Alexis Reigel | |
2017-07-27 | use ShaAttribute for gpg table columns | Alexis Reigel | |
2017-07-27 | store gpg user name and email on the signature | Alexis Reigel | |
2017-07-27 | user may now revoke a gpg key | Alexis Reigel | |
other than just removing a key, which doesn't affect the verified state of a commit, revoking a key unverifies all signed commits. | |||
2017-07-27 | use after_commit instead of AfterCommitQueue | Alexis Reigel | |
2017-07-27 | validate presence of user on gpg_key | Alexis Reigel | |
2017-07-27 | use hash instead of 2d array | Alexis Reigel | |
2017-07-27 | allow removal of gpg key by nullifying signatures | Alexis Reigel | |
2017-07-27 | perform signature update in sidekiq worker | Alexis Reigel | |
2017-07-27 | update invalid gpg signatures when email changes | Alexis Reigel | |
2017-07-27 | update invalid gpg signatures when key is created | Alexis Reigel | |
2017-07-27 | gpg signature is only valid when key is verified | Alexis Reigel | |
2017-07-27 | add primary keyid attribute to gpg keys | Alexis Reigel | |
2017-07-27 | don't sync to keychain file | Alexis Reigel | |
2017-07-27 | remove gpg from keychain when user's email changes | Alexis Reigel | |
2017-07-27 | notification email on add new gpg key | Alexis Reigel | |
2017-07-27 | gpg email verification | Alexis Reigel | |
2017-07-27 | move current keychain methods to namespace | Alexis Reigel | |
2017-07-27 | email handling for gpg keys | Alexis Reigel | |
2017-07-27 | add / remove gpg keys to / from system keychain | Alexis Reigel | |
2017-07-27 | extract gpg functionality to lib class | Alexis Reigel | |
2017-07-27 | only validate gpg_key#fingerprint "internally" | Alexis Reigel | |
2017-07-27 | add emails method to GgpKey | Alexis Reigel | |
2017-07-27 | add gpg key model | Alexis Reigel | |