Implementation of the rest of the gpg signing support
So I've been using this stack locally for a while and I'm very happy with it, but I couldn't find it in me (at least for a little while at the moment) to actually finish it, and the only thing that has to be done here is just more tests 🤷
And well also I just noticed the changelog checkbox, changelog too
And also SSH impl, I was focused on GPG, but an SSH impl should be trivial at this point (cc @chriskrycho)
I'm just pushing this just so that it's not only on my machine, and maybe for someone to take it and make the final push to have it in main (maybe me after a few months) - every commit is independent and can be cherry-picked (hm, except I think in the templater one I touch some stuff in the signer, could conflict a little, eh)
Also the GPG impl commit has those weird tests that need a gpg binary in path which I'm 95% certain will fail on windows/mac, and maybe on linux too :upside_down_face:
Checklist
If applicable:
- [ ] I have updated CHANGELOG.md
- [ ] I have updated the documentation (README.md, docs/, demos/)
- [x] I have updated the config schema (cli/src/config-schema.json)
- [ ] I have added tests to cover my changes
huh codespell actually caught something, cool
Huuuuuh, gpg is not only present on the windows worker, but even works (in a sense that jj successfully calls the command, so a build off this PR should work on windows) - only thing breaking seems to be how I import the test keys - idk how to fix, and I've no windows machine
And it did work on mac too
I started work on adding an ssh backend - initial wip implementation based on the GpgBackend can be found here: https://github.com/julienvincent/jujutsu/commit/eb623e618182a21e1ec3796fa53170c3adfb5fe9
This commit was created and signed by that commit! I love that haha.
A comment I have after using this - I don't think commands like jj log and jj show should show or verify the signature by default.
- Even if someone has signing enabled they might not have the necessary public keys configured for verification on their local machine.
- It has a not-insignificant performance impact when viewing the log - especially on larger repos.
Git only performs signature validation when the --show-signature flag is passed - I think jj should expose the same or similar behaviour.
I'll make this change on my branch unless someone objects.
> might not have the necessary public keys configured for verification on their local machine
Well then it'll show ?s, which is "unknown", all part of the plan - it specifically does show you that you need to import some keys if you enabled signing
> performance impact
I thought about it, but it didn't seem that bad, and it's only there if you enable signing, again
> I think jj should expose the same or similar
We could remove it from the default template and add docs that show how to get it back if someone wants them (also check out builtin_log_detailed)
I had no issues, but I've never used repos that would have thousands of signatures either - and I really like the green checkmarks it gives me :)
Also okay performance issue makes sense for log, but what's wrong with show? It's just a single commit then
Superseded by #3007 and its followups