Signing Key Interface For External Keys

go-gitea / gitea

Git with a cup of tea! Painless self-hosted all-in-one software development service, including Git hosting, code review, team collaboration, package registry and CI/CD

https://gitea.com

MIT License

45k stars 5.48k forks source link

Signing Key Interface For External Keys #13391

Open xloem opened 4 years ago

xloem commented 4 years ago

It would be nice if there were a way to provide keys that are likely to sign commits in a repository, but aren't actually owned by any users, so that these signatures can be verified. Maybe in a repository administration interface?

If that were done, then it might be nice to display a warning if there are commits that can't be verified. Making that eventually possible could really help code integrity, I think.

zeripath commented 4 years ago

It is intended to add keyring support as another trustmodel.