Merged
53 changes: 34 additions & 19 deletions .github/workflows/doc-check-linter.yml
Expand Up @@ -63,33 +63,48 @@ jobs:
fi

# ---------- Verify latest commit ----------
- name: Verify latest commit signature
- name: Verify commit signature
run: |
if [ "${{ github.event_name }}" = "pull_request" ]; then
LATEST_COMMIT=${{ github.event.pull_request.head.sha }}
else
LATEST_COMMIT=$(git rev-parse HEAD)
fi
echo "🔍 PR mode: verifying ALL commits in PR"

echo "🔍 Verifying commit: $LATEST_COMMIT"
BASE=${{ github.event.pull_request.base.sha }}
HEAD=${{ github.event.pull_request.head.sha }}

if git verify-commit "$LATEST_COMMIT" >/dev/null 2>&1; then
echo "✅ Signature is cryptographically valid"
else
echo "❌ Invalid or missing GPG signature"
exit 1
fi
# Get all commits in PR
COMMITS=$(git rev-list $BASE..$HEAD)

for COMMIT in $COMMITS; do
echo "🔎 Checking commit: $COMMIT"

# Step 1: Cryptographic verification
if git verify-commit "$COMMIT" >/dev/null 2>&1; then
echo "✅ Signature valid"
else
echo "❌ Commit not signed properly"
exit 1
fi

# Step 2: Fingerprint check
FINGERPRINT=$(git log -1 --pretty=format:'%GF' "$COMMIT")
echo "🔑 Fingerprint: $FINGERPRINT"

FINGERPRINT=$(git log -1 --pretty=format:'%GF' "$LATEST_COMMIT")
echo "🔑 Signing fingerprint: $FINGERPRINT"
TRUSTED_KEYS="83FB991D930D7177F25456C07F4C7CA953E1C09E D432152833DA3244"

TRUSTED_KEYS="83FB991D930D7177F25456C07F4C7CA953E1C09E D432152833DA3244 4AEE18F83AFDEB23 B5690EEEBB952194"
if echo "$TRUSTED_KEYS" | grep -q "$FINGERPRINT"; then
echo "✅ Trusted key"
else
echo "❌ Untrusted key!"
exit 1
fi
done

if echo "$TRUSTED_KEYS" | grep -q "$FINGERPRINT"; then
echo "✅ Trusted signer"
echo "🎉 All PR commits are valid and trusted"

else
echo "❌ Untrusted signing key!"
exit 1
echo "🔍 Push to main detected"
echo "ℹ️ Skipping strict GPG verification for merge/rebase/squash commit"
git log -1 --oneline
fi

# ---------- Optional status for skipped forked PRs ----------
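Review bot: The allow-list test `echo "$TRUSTED_KEYS" | grep -q "$FINGERPRINT"` in the per-commit fingerprint step is an unanchored regex search rather than an exact comparison, so an empty `%GF` value would match any list and be reported as trusted. Because the full signing fingerprint is used as the pattern, the 16-character key IDs in `TRUSTED_KEYS` can presumably never match it, which leaves those entries dead. An exact, fixed-string, whole-line match that also rejects an empty value would be safer, e.g. `[ -n "$FINGERPRINT" ] && printf '%s\n' $TRUSTED_KEYS | grep -qxF -- "$FINGERPRINT"`, with the list holding full fingerprints only. Separately, the non-PR branch appears to only log and skip verification, so commits that reach main without a pull request are not checked by this step; a comment naming the control that covers that path (for example branch protection) would help the next reader.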