Git log showing raw GPG output as commits
chris-fj opened this issue · comments
Before proceeding...
- My CLIs meet the minimum version requirements
- I have read through the troubleshooting guide
- If I updated fzf.fish for the first time in over 6 months, I read the migration guides to make sure I'm caught up
Describe the bug
If you happen to have GPG signed commits and your repo or global git configuration showw GPG signatures by default (setting showSignature = true
on the repo or the global .gitconfig
) , the signatures appear on the git log as entries that parse with errors. An example is this very repo, see the capture below:
with my global .gitconfig
being like this:
[user]
signingKey = xxxx
name = xxx
email = xxx
[commit]
gpgSign = true
[core]
editor = vim
[gpg]
program = gpg
[log]
showSignature = true
[init]
defaultBranch = master
If you force git to not show GPG signatures (by commenting showSignature = true), this of course disappears
but I see this suboptimal since it hides the signature information
Steps to reproduce
Use git log on a repo with gpg-signed commits
Environment
Versions installed:
- Fish: 3.5.1
- fzf.fish: 9.5
- terminal: Konsole
- OS: Arch Linux
Which, if any, configuration variables such as fzf_preview_file_cmd
are set?
None
Additional context
None
I opened #287 that adds a new flag to indicate the status of the signature, as per git log
's %G?
flag. The values are:
show "G" for a good (valid) signature, "B" for a bad signature, "U" for a good signature with unknown validity, "X" for a good signature that has expired, "Y" for a good signature made by an expired key, "R" for a good signature made by a revoked key, "E" if the signature cannot be checked (e.g. missing key) and "N" for no signature
For "E" (can't verify signature) it looks like this:
and for "G" (good valid signature) it looks like this:
and I can't really test the other use cases 😅
I know this is slightly tangential to the bug, but I want to make sure I understand exactly what is happening and how GPG integrates with git before I fix the bug. When the error message says gpg: Can't check signature: No public key
, is that because it found a signed commit but can't verify the signature because your gpg config doesn't have the public key used to sign that signature?
it found a signed commit but can't verify the signature because your gpg config doesn't have the public key used to sign that signature
Exactly this. The user's keyring does not contain a public key paired to the private key used to generate the signature