-
Notifications
You must be signed in to change notification settings - Fork 7
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
exploration: replace gpgme with rpgp #240
exploration: replace gpgme with rpgp #240
Conversation
118dfcd
to
f27843c
Compare
Signed-off-by: Ali Caglayan <alizter@gmail.com>
Signed-off-by: Ali Caglayan <alizter@gmail.com>
f27843c
to
8d628c8
Compare
@drewdeponte I've pushed another commit here that tests |
@Alizter I briefly looked into this last night and it seems like the first step is just figuring out how to get the private key we need out of gpg given a key id. Because what you give to the git config in the So, I tried looking at the library, but I don't think it provides anything for reading a GPG keyring and getting a key out. So, I think we would need to externally run some I am not sure what this |
Actually, this might be what we want |
Thinking more about this, I think we can get rid of entire rpgp dependency as well if we just shell out to the command to do the signing. I believe this is what Git actually does. It streamlines the dependencies we have to worry about across platforms and because we are piggy backing off of the Git config we can get the info about the gpg command from that or fall back to looking for it in the path. |
After some quick googling this might be helpful, https://unix.stackexchange.com/questions/475052/how-to-detach-sign-a-file-with-a-specific-private-key-why-this-fails |
I am closing this PR because I just integrated commit ec71fc2 which replaces the nead for this as it implements gpg signing using the external gpg command. |
This is a way to replace gpgme with rpgp. I haven't actually tested it so it might be incorrect. I haven't bothered to update the errors just yet, but @drewdeponte you will probably want to do that himself anyway.