GNU bug report logs - #41787
[PATCH] Disallow SHA1 signatures on commits

Previous Next

Package: guix-patches;

Reported by: Ludovic Courtès <ludo <at> gnu.org>

Date: Wed, 10 Jun 2020 13:17:02 UTC

Severity: normal

Tags: patch

Done: Ludovic Courtès <ludo <at> gnu.org>

Bug is archived. No further changes may be made.

Full log

Message #10 received at 41787-done <at> debbugs.gnu.org (full text, mbox):

From: Ludovic Courtès <ludo <at> gnu.org>
To: 41787-done <at> debbugs.gnu.org
Subject: Re: [bug#41787] [PATCH] Disallow SHA1 signatures on commits
Date: Fri, 12 Jun 2020 18:57:44 +0200

Ludovic Courtès <ludo <at> gnu.org> skribis:

>>From e902fdf083627d548541d6cc53643df4071616c7 Mon Sep 17 00:00:00 2001
> From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= <ludo <at> gnu.org>
> Date: Wed, 10 Jun 2020 14:54:13 +0200
> Subject: [PATCH] git-authenticate: Disallow SHA1 (and MD5) signatures.
>
> * guix/git-authenticate.scm (commit-signing-key): Add
>  #:disallowed-hash-algorithms and honor it.
> (authenticate-commit)[recent-commit?]: New variable.
> Pass #:disallowed-hash-algorithms to 'commit-signing-key'.
> * tests/git-authenticate.scm ("signed commits, SHA1 signature"): New test.

Pushed as 52c529ff20b389eb64ac033586e6b1a5c5d82cb5.

Ludo’.

This bug report was last modified 4 years and 341 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #41787 [PATCH] Disallow SHA1 signatures on commits

GNU bug report logs - #41787
[PATCH] Disallow SHA1 signatures on commits