Git signing compatability

[portiaweb]

Thank you for the work on gosop however are there any plans to make it compatible with git ?

As per the git docs (https://git-scm.com/docs/git-config#Documentation/git-config.txt-gpgprogram), it needs to be able to parse the following flags/args format:

gpg --verify $signature - <$file and gpg -bsau $key

It would be great if you could support this because there is currently no alternative to gpg and something using rust or go would be a much better alternative (easier to compile, especially cross-platform compile). The various sequoia implementations from rust still seem to be far away from this.

[twiss]

Hello :wave: gosop (and other sop implementations) implement the sop standard, which is separate from and not meant to be compatible with gpg, so we aren't planning to support the mentioned syntax. Since sop is a draft standard, unlike the gpg cli, it might be worth proposing to add support for this syntax to git? (Note, though, that since this is a stateless interface, it does not keep around private keys, and so those would need to be managed by git.)

[dkg]

Please note https://gitlab.com/dkg/openpgp-stateless-cli/-/issues/46 for more thoughts about integrating sop and git.