Commit Briefs
create and verify tags signed by SSH keys
This adds a new -s flag to 'got tag' that specifies the signer identity (for example, a key file) of the tagger. The tag object will include a signature that validates each of the tag object headers and the tag message. Verifying these signed tags requires maintaining an allowed signers file which maps signer identities (i.e. the email address of the tagger) to SSH public keys. See ssh-keygen(1) for more details of the allowed signers file. After creating this file and providing the path to it in got.conf(5) using the allowed_signers option, tags may be verified using with 'got tag -V tag_name'. The return code will be non-zero if a signature fails to verify. ok stsp@
tweak implementation of separate send {} and fetch {} conf blocks
Tweak man page. Factor out repeated code in if/else branches in send_gotconfig_remotes(). ok stsp@
provide separate send {} and fetch {} configuration blocks in got.conf
Feature requested by naddy. ok naddy, who also suggested some tweaks that will arrive shortly
add a 'reference' directive to remote repositories in got.conf(5)
Make use of this in 'got clone' to persist -R option arguments given on the command line in the cloned repository's got.conf(5) file.
add a 'fetch-all-branches' configuration setting to got.conf(5)
Set fetch-all-branches in the got.conf(5) file created by 'got clone -a' in order to make a future 'got fetch' act like 'got fetch -a' by default.
Stop including <sys/syslimits.h> directly.
POSIX says the limits defined there are available from <limits.h>, which almost all affected source files already included anyway. ok millert stsp
add got.conf(5) configuration file
ok tracey