diff options
-rw-r--r-- | .github/PULL_REQUEST_TEMPLATE.md | 13 | ||||
-rw-r--r-- | README.rst | 58 | ||||
-rw-r--r-- | debian/changelog | 27 | ||||
-rw-r--r-- | debian/control | 6 | ||||
-rw-r--r-- | debian/copyright | 4 | ||||
-rw-r--r-- | debian/patches/0001-Debianise-README.patch | 24 | ||||
-rw-r--r-- | debian/patches/series | 1 | ||||
-rwxr-xr-x | debian/rules | 9 | ||||
-rwxr-xr-x | git-remote-gcrypt | 4 |
9 files changed, 91 insertions, 55 deletions
diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md new file mode 100644 index 0000000..32cf2b6 --- /dev/null +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -0,0 +1,13 @@ +Thank you for your interest in contributing to this project! + +Please **do not** submit a pull request on GitHub. This repository is +an automated mirror, and I don't develop using GitHub's platform. + +Instead, either + +- publish a branch somewhere (a GitHub fork is fine), and e-mail + <spwhitton@spwhitton.name> asking me to merge your branch, possibly + using git-request-pull(1) + +- prepare patches with git-format-patch(1), and send them to + <spwhitton@spwhitton.name>, possibly using git-send-email(1) @@ -22,7 +22,13 @@ over arbitrary git transport. The aim is to provide confidential, authenticated git storage and collaboration using typical untrusted file hosts or services. -PLEASE help us evaluate how well we meet this design goal! + +Installation +............ + +* ``apt-get install git-remote-gcrypt`` on Debian and Ubuntu systems + +* run the supplied ``install.sh`` script on other systems Quickstart .......... @@ -60,12 +66,16 @@ The following ``git-config(1)`` variables are supported: .. ``gcrypt.publish-participants`` By default, the gpg key ids of the participants are obscured by - encrypting using `gpg -R`. Setting this option to `true` disables + encrypting using ``gpg -R``. Setting this option to ``true`` disables that security measure. - The problem with using `gpg -R` is that to decrypt, gpg tries each + The problem with using ``gpg -R`` is that to decrypt, gpg tries each available secret key in turn until it finds a usable key. - This can result in unncessary passphrase prompts. + This can result in unnecessary passphrase prompts. + +``gcrypt.gpg-args`` + The contents of this setting are passed as arguments to gpg. + E.g. ``--use-agent``. ``remote.<name>.gcrypt-signingkey`` .. @@ -75,26 +85,11 @@ The following ``git-config(1)`` variables are supported: part of the participant list. You may use the per-remote version to sign different remotes using different keys. -``gcrypt.gpg-args`` - The contents of this setting are passed as arguments to gpg. - E.g. ``--use-agent``. - Environment Variables ===================== *GCRYPT_FULL_REPACK* - This environment variable forces full repack when pushing. - -Note to users of GnuPG version 2 -================================ - -When a repository was pushed with ``gcrypt.publish-participants`` -false (i.e. the recipient is anonymous), and you are using GnuPG -version 2, you will need to include ``--try-all-secrets`` or -``--try-secret-key ID`` in ``gcrypt.gpg-args``. - -GnuPG version 1 always tries all available secret keys when it -encounters a message with an anonymous recipient. + This environment variable forces a full repack when pushing. Examples ======== @@ -112,7 +107,7 @@ How to use a git backend:: git remote add gitcrypt gcrypt::git@example.com:repo#next git push gitcrypt master -The URL fragment (`#next` here) indicates which backend branch is used. +The URL fragment (``#next`` here) indicates which backend branch is used. Notes ===== @@ -139,6 +134,14 @@ Remote ID a warning if the Remote ID changes, which should only happen if the remote was re-created. +Performance + Using an arbitrary `<giturl>` or an `sftp://` URI requires + uploading the entire repository history with each push. If your + repository history is large or you are pushing over a slow link, + consider using the `rsync://` transport, which performs + incremental pushes. Note that the latter won't work with a + repository hosting service like Gitolite, GitHub or GitLab. + Repository Format ................. @@ -198,8 +201,8 @@ Each item extends until newline, and matches one of the following: Detecting gcrypt repos ====================== -To detect if a git url is a gcrypt repo, use: git-remote-gcrypt --check url -Exit status if 0 if the repo exists and can be decrypted, 1 if the repo +To detect if a git url is a gcrypt repo, use: ``git-remote-gcrypt --check url`` +Exit status is 0 if the repo exists and can be decrypted, 1 if the repo uses gcrypt but could not be decrypted, and 100 if the repo is not encrypted with gcrypt (or could not be accessed). @@ -211,6 +214,15 @@ See Also git-remote-helpers(1), gpg(1) +Credits +======= + +The original author of git-remote-gcrypt was GitHub user bluss. + +The de facto maintainer in 2013 and 2014 was Joey Hess. + +The current maintainer is Sean Whitton <spwhitton@spwhitton.name>. + License ======= diff --git a/debian/changelog b/debian/changelog index 81a4118..aa828c5 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,30 @@ +git-remote-gcrypt (1.0.2-1) unstable; urgency=medium + + Bug fixes: + * Correctly handle the case where gcrypt.gpg-args contains more than one + argument, separated by spaces. + Thanks Etienne Brodu for the patch. + + Documentation: + * Drop section "Note to users of GnuPG version 2". + The issue was a regression in GnuPG 2.x, fixed in version 2.1.16. + * Add a note about performance when not using the rsync:// or local backends. + * Add section containing author and maintainer information. + * Add `apt-get` installation instructions, for the benefit of GitHub users. + * Other minor edits and formatting changes. + + Debian packaging: + * Replace quilt patch with code in d/rules to remove installation + instructions from the manpage. + * Depend on gpg | gnupg1 and demote gnupg to a Recommends (Closes: #873498). + At least with passwordless PGP keys, git-remote-gcrypt works fine with + only the gpg package installed. + Thanks to Yuri D'Elia for the report. + * Bump copyright years. + * Bump standards version to 4.1.0 (no changes required). + + -- Sean Whitton <spwhitton@spwhitton.name> Fri, 01 Sep 2017 14:34:35 -0700 + git-remote-gcrypt (1.0.1-1) unstable; urgency=low Upstream: diff --git a/debian/control b/debian/control index 79615b8..fcf6659 100644 --- a/debian/control +++ b/debian/control @@ -3,15 +3,15 @@ Section: vcs Priority: optional Build-Depends: debhelper (>= 10), python-docutils (>= 0.12+dfsg) Maintainer: Sean Whitton <spwhitton@spwhitton.name> -Standards-Version: 3.9.8 +Standards-Version: 4.1.0 Homepage: https://spwhitton.name/tech/code/git-remote-gcrypt/ Vcs-Git: https://git.spwhitton.name/git-remote-gcrypt Vcs-Browser: https://git.spwhitton.name/git-remote-gcrypt Package: git-remote-gcrypt Architecture: all -Depends: git, gnupg | gnupg2, ${misc:Depends} -Recommends: rsync, curl +Depends: git, gpg | gnupg1, ${misc:Depends} +Recommends: rsync, curl, gnupg Description: encrypted git repositories This lets git store git repositories in encrypted form. It supports storing repositories on rsync or sftp servers. diff --git a/debian/copyright b/debian/copyright index c5497b4..4ef440d 100644 --- a/debian/copyright +++ b/debian/copyright @@ -4,11 +4,11 @@ Source: https://git.spwhitton.name/git-remote-gcrypt Files: * Copyright: (C) 2013 engla (C) 2013, 2014 Joey Hess <id@joeyh.name> - (C) 2016 Sean Whitton and contributors + (C) 2016-2017 Sean Whitton and contributors License: GPL-2+ Files: debian/* -Copyright: (C) 2015-2016 Sean Whitton <spwhitton@spwhitton.name> +Copyright: (C) 2015-2017 Sean Whitton <spwhitton@spwhitton.name> (C) 2013, 2014 Joey Hess <id@joeyh.name> License: GPL-2+ diff --git a/debian/patches/0001-Debianise-README.patch b/debian/patches/0001-Debianise-README.patch deleted file mode 100644 index e011664..0000000 --- a/debian/patches/0001-Debianise-README.patch +++ /dev/null @@ -1,24 +0,0 @@ -From: Sean Whitton <spwhitton@spwhitton.name> -Date: Sun, 17 Jan 2016 22:47:52 -0700 -Subject: Debianise-README - -Remove reference to installation. ---- - README.rst | 4 +--- - 1 file changed, 1 insertion(+), 3 deletions(-) - -diff --git a/README.rst b/README.rst -index 148abad..19a9d9d 100644 ---- a/README.rst -+++ b/README.rst -@@ -27,9 +27,7 @@ PLEASE help us evaluate how well we meet this design goal! - Quickstart - .......... - --* Install ``git-remote-gcrypt`` by running the supplied ``install.sh`` script. -- --* Create an encrypted remote by pushing to it:: -+Create an encrypted remote by pushing to it:: - - git remote add cryptremote gcrypt::rsync://example.com:repo - git push cryptremote master diff --git a/debian/patches/series b/debian/patches/series deleted file mode 100644 index 93971b0..0000000 --- a/debian/patches/series +++ /dev/null @@ -1 +0,0 @@ -0001-Debianise-README.patch diff --git a/debian/rules b/debian/rules index 26ba625..42db5da 100755 --- a/debian/rules +++ b/debian/rules @@ -1,4 +1,7 @@ #!/usr/bin/make -f + +manpage = debian/git-remote-gcrypt/usr/share/man/man1/git-remote-gcrypt.1 + %: dh $@ @@ -9,3 +12,9 @@ override_dh_auto_clean: override_dh_auto_install: prefix=/usr DESTDIR=debian/git-remote-gcrypt ./install.sh + # remove installation instructions from manpage (this is + # essentially an automatically-refreshing quilt patch) + gunzip ${manpage}.gz + sed -i ${manpage} -e \ + '/^.SS Installation$$/,/^.SS/{ /^.SS Installation$$/d; /^.SS/!d }' + gzip -n ${manpage} diff --git a/git-remote-gcrypt b/git-remote-gcrypt index 9d4efa6..3b35e1c 100755 --- a/git-remote-gcrypt +++ b/git-remote-gcrypt @@ -379,9 +379,9 @@ rungpg() # due to trying to print messages to it, even if a gpg agent is set # up. --no-tty fixes this. if [ "x$GPG_AGENT_INFO" != "x" ]; then - ${GPG} --no-tty "$@" + ${GPG} --no-tty $@ else - ${GPG} "$@" + ${GPG} $@ fi } |