kotovalexarian-likes-gitlab/gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity
70768 commits 1 branch 0 tags 899 MiB
Commit graph

20 commits

Author SHA1 Message Date
Rubén Dávila
4aa2deb478 Fix error with GPG signature updater when commit was deleted 2017-10-07 10:47:53 -05:00
Rubén Dávila
5595d73763 Small refactor and fix for RuboCop 2017-10-05 10:17:18 -05:00
Rubén Dávila
dd139e65b5 Invalidate GpgSignatures associated to GpgKeySubkeys when revoking the GpgKey 2017-10-05 08:26:02 -05:00
Rubén Dávila
2577cc9981 Address some feedback from last code review 2017-10-05 08:26:02 -05:00
Rubén Dávila
c50725fecf Address feedback from last code review 2017-10-05 08:25:27 -05:00
Rubén Dávila
9b4990a4d7 Associate GgpSignature with GpgKeySubkey if comes from a subkey 
Additionally we're delegating missing method calls on GpgKeySubkey to
GpgKey since most of the info required when verifying a signature is
found on GpgKey which is the parent of GpgKeySubkey
 2017-10-05 08:25:27 -05:00
Alexis Reigel
cab6745f53 Revert "make valid_signature an ignored column" 
This reverts commit cce9afa38a8aa3f3e5a43ab952e1c022c9dd9385.
 2017-09-05 14:09:40 +02:00
Alexis Reigel
3ffe35f327 make valid_signature an ignored column 2017-09-05 12:18:34 +02:00
Alexis Reigel
b62c1620ea drop backwards compatibility for valid_signature 2017-09-05 12:18:33 +02:00
Alexis Reigel
978252a3fa use new #verification_status 2017-09-05 12:18:33 +02:00
Alexis Reigel
00392d929b add verification_status: same_user_different_email 
this is used to make a difference between a committer email that belongs
to user, where the user used a different email for the gpg key. this
means that the user is the same, but a different, unverified email is
used for the signature.
 2017-09-05 12:18:32 +02:00
Alexis Reigel
64855c8e30 match the committer's email against the gpg key 
the updated verification of a gpg signature requires the committer's
email to also match the user's and the key's emails.
 2017-09-05 12:18:31 +02:00
Alexis Reigel
508ff17b34 pass whole commit to Gitlab::Gpg::Commit again 
we need the commit object for the updated verification that also checks
the committer's email to match the gpg key and user's emails.
 2017-09-05 12:18:31 +02:00
Douwe Maan
ba7251fefd Only create commit GPG signature when necessary 2017-08-16 18:57:50 +02:00
Alexis Reigel
fef030c23d validate the foreign_key instead of the relation 2017-07-27 15:46:04 +02:00
Alexis Reigel
98531fc248 upcase in the model instead of in the view 2017-07-27 15:46:03 +02:00
Alexis Reigel
8e0c33ed13 use ShaAttribute for gpg table columns 2017-07-27 15:46:03 +02:00
Alexis Reigel
a7d2ebe508 simplify fetching of commit 2017-07-27 15:43:37 +02:00
Alexis Reigel
5d5fd4babe store gpg_key_primary_keyid for unknown gpg keys 
we need to store the keyid to be able to update the signature later in
case the missing key is added later.
 2017-07-27 15:42:53 +02:00
Alexis Reigel
8236b12dff gpg signature model for gpg verification caching 2017-07-27 15:42:53 +02:00