Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/lib/gitlab/gpg
AgeCommit message (Collapse)Author
2019-10-17Add latest changes from gitlab-org/gitlab@masterGitLab Bot
2019-09-18Add latest changes from gitlab-org/gitlab@masterGitLab Bot
2019-06-17Fix GPG signature verification with recent versions of GnuPGDavid Palubin
2019-02-06Avoid race conditions when creating GpgSignatureBob Van Landuyt
This avoids race conditions when creating GpgSignature.
2018-12-05Gracefully handle unknown/invalid GPG keysStan Hu
An unknown public GPG key will result in a GPGME::Error thrown from gpg, which would cause an Error 500 on the signatures endpoint. Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/54729
2018-11-13Enable even more frozen string in lib/gitlabgfyoung
Enables frozen string for the following: * lib/gitlab/fogbugz_import/**/*.rb * lib/gitlab/gfm/**/*.rb * lib/gitlab/git/**/*.rb * lib/gitlab/gitaly_client/**/*.rb * lib/gitlab/gitlab_import/**/*.rb * lib/gitlab/google_code_import/**/*.rb * lib/gitlab/gpg/**/*.rb * lib/gitlab/grape_logging/**/*.rb * lib/gitlab/graphql/**/*.rb * lib/gitlab/graphs/**/*.rb * lib/gitlab/hashed_storage/**/*.rb * lib/gitlab/health_checks/**/*.rb Partially address gitlab-org/gitlab-ce#47424.
2018-09-11Disable existing offenses for the CodeReuse copsYorick Peterse
This whitelists all existing offenses for the various CodeReuse cops, of which most are triggered by the CodeReuse/ActiveRecord cop.
2018-07-09Updates from `rubocop -a`Lin Jen-Shin
2018-03-01Fetch commit signatures from Gitaly in batchesAhmad Sherif
Closes gitaly#1046
2018-02-19Fix Error 500 when viewing a commit with a GPG signature in GeoStan Hu
Closes gitlab-org/gitlab-ee#4825
2018-01-18Retrieve commit signatures with GitalyJacob Vosmaer (GitLab)
2017-10-07Fix error with GPG signature updater when commit was deletedRubén Dávila
2017-10-05Address some feedback from last code reviewRubén Dávila
2017-10-05Address feedback from last code reviewRubén Dávila
2017-10-05Consider GPG subkeys when trying to update invalid GPG signaturesRubén Dávila
2017-10-05Associate GgpSignature with GpgKeySubkey if comes from a subkeyRubén Dávila
Additionally we're delegating missing method calls on GpgKeySubkey to GpgKey since most of the info required when verifying a signature is found on GpgKey which is the parent of GpgKeySubkey
2017-10-05Add ability to include subkeys when finding by fingerprintRubén Dávila
2017-09-05drop backwards compatibility for valid_signatureAlexis Reigel
2017-09-05use new #verification_statusAlexis Reigel
2017-09-05only use symbols instead of enum hash accessorAlexis Reigel
2017-09-05simplify if/else with guardsAlexis Reigel
2017-09-05add verification_status: same_user_different_emailAlexis Reigel
this is used to make a difference between a committer email that belongs to user, where the user used a different email for the gpg key. this means that the user is the same, but a different, unverified email is used for the signature.
2017-09-05match the committer's email against the gpg keyAlexis Reigel
the updated verification of a gpg signature requires the committer's email to also match the user's and the key's emails.
2017-09-05pass whole commit to Gitlab::Gpg::Commit againAlexis Reigel
we need the commit object for the updated verification that also checks the committer's email to match the gpg key and user's emails.
2017-08-16Only create commit GPG signature when necessaryDouwe Maan
2017-07-27optimize query, only select relevant db columnsAlexis Reigel
2017-07-27store gpg user name and email on the signatureAlexis Reigel
2017-07-27also update gpg_signatures when gpg_key is nullAlexis Reigel
2017-07-27remove duplicate statementAlexis Reigel
2017-07-27simplify fetching of commitAlexis Reigel
2017-07-27fix memoizationAlexis Reigel
2017-07-27we need to update the gpg_key as wellAlexis Reigel
2017-07-27need to wrap the raw commit in a commit modelAlexis Reigel
2017-07-27no need for passing parameterAlexis Reigel
we introduced memoizing, so it's safe to call the method multiple times.
2017-07-27update invalid gpg signatures when key is createdAlexis Reigel
2017-07-27allow updating of gpg signature through gpg commitAlexis Reigel
2017-07-27memoize verified_signature callAlexis Reigel
2017-07-27store gpg_key_primary_keyid for unknown gpg keysAlexis Reigel
we need to store the keyid to be able to update the signature later in case the missing key is added later.
2017-07-27move signature cache read to Gpg::CommitAlexis Reigel
as we write the cache in the gpg commit class already the read should also happen there. This also removes all logic from the main commit class, which just proxies the call to the Gpg::Commit now.
2017-07-27gpg signature is only valid when key is verifiedAlexis Reigel
2017-07-27bail if the commit has no signatureAlexis Reigel
2017-07-27cache the gpg commit signatureAlexis Reigel
we store the result of the gpg commit verification in the db because the gpg verification is an expensive operation.
    generated by cgit v1.2.3 (git 2.25.1) at 2024-08-10 02:53:34 +0300