diff options
author | Sean Whitton <spwhitton@spwhitton.name> | 2019-07-25 11:56:49 +0100 |
---|---|---|
committer | Sean Whitton <spwhitton@spwhitton.name> | 2019-07-25 11:56:49 +0100 |
commit | 4838d8a37bdd2d36421772186b9c846eb2d37f68 (patch) | |
tree | 4595da81ab0483be1470bc6e490bba2afae7d0c8 /bin/git-dotfiles-update-master | |
parent | bc92e5f3de33d7966c098bfb0c49d6b408508597 (diff) | |
download | dotfiles-4838d8a37bdd2d36421772186b9c846eb2d37f68.tar.gz |
more robust checking of signature on dotfiles
Diffstat (limited to 'bin/git-dotfiles-update-master')
-rwxr-xr-x | bin/git-dotfiles-update-master | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/bin/git-dotfiles-update-master b/bin/git-dotfiles-update-master index cf3bf8e9..731cd2f4 100755 --- a/bin/git-dotfiles-update-master +++ b/bin/git-dotfiles-update-master @@ -18,8 +18,8 @@ set -e . $HOME/.shenv git fetch origin -if git verify-commit --raw origin/master 2>&1 \ - | grep "VALIDSIG .* 8DC2487E51ABDD90B5C4753F0F56D0553B6D411B"; then +if git verify-commit-by-fp \ + 8DC2487E51ABDD90B5C4753F0F56D0553B6D411B origin/master; then # we only fast-forward master, to avoid the possibility of an # attacker causing us to check out an older signed commit than the # one we have now |