summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLibravatar Junio C Hamano <gitster@pobox.com>2016-05-17 14:38:39 -0700
committerLibravatar Junio C Hamano <gitster@pobox.com>2016-05-17 14:38:39 -0700
commitbe6ec17822e523ef4700c612f1ec2baedacd1227 (patch)
tree6606e98fc8a60309c004170a9356f1f9da39d16b
parentMerge branch 'js/windows-dotgit' (diff)
parentDocumentation: clarify signature verification (diff)
downloadtgif-be6ec17822e523ef4700c612f1ec2baedacd1227.tar.xz
Merge branch 'kf/gpg-sig-verification-doc'
Documentation for "git merge --verify-signatures" has been updated to clarify that the signature of only the commit at the tip is verified. Also the phrasing used for signature and key validity is adjusted to align with that used by OpenPGP. * kf/gpg-sig-verification-doc: Documentation: clarify signature verification
-rw-r--r--Documentation/merge-options.txt7
-rw-r--r--Documentation/pretty-formats.txt4
2 files changed, 7 insertions, 4 deletions
diff --git a/Documentation/merge-options.txt b/Documentation/merge-options.txt
index dfb43d000f..5b4a62e936 100644
--- a/Documentation/merge-options.txt
+++ b/Documentation/merge-options.txt
@@ -89,8 +89,11 @@ option can be used to override --squash.
--verify-signatures::
--no-verify-signatures::
- Verify that the commits being merged have good and trusted GPG signatures
- and abort the merge in case they do not.
+ Verify that the tip commit of the side branch being merged is
+ signed with a valid key, i.e. a key that has a valid uid: in the
+ default trust model, this means the signing key has been signed by
+ a trusted key. If the tip commit of the side branch is not signed
+ with a valid key, the merge is aborted.
--summary::
--no-summary::
diff --git a/Documentation/pretty-formats.txt b/Documentation/pretty-formats.txt
index 671cebd95c..29b19b992f 100644
--- a/Documentation/pretty-formats.txt
+++ b/Documentation/pretty-formats.txt
@@ -143,8 +143,8 @@ ifndef::git-rev-list[]
- '%N': commit notes
endif::git-rev-list[]
- '%GG': raw verification message from GPG for a signed commit
-- '%G?': show "G" for a Good signature, "B" for a Bad signature, "U" for a good,
- untrusted signature and "N" for no signature
+- '%G?': show "G" for a good (valid) signature, "B" for a bad signature,
+ "U" for a good signature with unknown validity and "N" for no signature
- '%GS': show the name of the signer for a signed commit
- '%GK': show the key used to sign a signed commit
- '%gD': reflog selector, e.g., `refs/stash@{1}`