Add off-tree object-signature verifier implementations for go-git's plugin.Verifier API, mirroring the existing objectsigner plugins:

- objectverifier/gpg: verifies armored OpenPGP detached signatures against a keyring (gpg.FromKeyRing), rejecting multi-signature payloads. Includes a conformance suite cross-checked against real `git verify-commit`/`verify-tag`.
- objectverifier/ssh: verifies sshsig armored signatures in the "git" namespace against a trusted public key (ssh.FromKey).

Both pin the unmerged go-git Verifier work (PR #2235). The integration conformance harness (conformance_*_test.go) is exempted from linting as it shells out to git/gpg.

Assisted-by: Claude Opus 4.7 <noreply@anthropic.com>
Signed-off-by: Paulo Gomes <paulo@entire.io>
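The multi-signature rejection described in the commit message is a structural check that can run before any key is consulted. The program below is an added example, not code from this PR or from go-git: it de-armors a PGP SIGNATURE block, walks the OpenPGP packet headers (RFC 4880 §4.2, old and new format) and refuses any payload that is not exactly one Signature packet. The `Armor` helper and the `singleSig`/`doubleSig` byte strings are constructed for illustration and contain no real signature data; a real verifier would still hand the single packet to an OpenPGP library for the cryptographic check.

```go
package main

import (
	"encoding/base64"
	"encoding/binary"
	"errors"
	"fmt"
	"strings"
)

// tagSignature is the OpenPGP packet tag of a Signature packet (RFC 4880 §5.2).
const tagSignature = 2

// dearmor returns the decoded base64 payload of a "PGP SIGNATURE" armor block.
func dearmor(armored string) ([]byte, error) {
	var b64 strings.Builder
	for _, line := range strings.Split(armored, "\n") {
		line = strings.TrimSpace(line)
		// Skip BEGIN/END lines, armor headers ("Version: ..."), blank lines and the
		// optional "=XXXX" CRC-24 trailer (a transport checksum, not a security check).
		if line == "" || strings.HasPrefix(line, "-----") || strings.Contains(line, ": ") || strings.HasPrefix(line, "=") {
			continue
		}
		b64.WriteString(line)
	}
	return base64.StdEncoding.DecodeString(b64.String())
}

// packetTags walks a binary OpenPGP packet stream and returns the tag of every
// packet, decoding old-format (RFC 4880 §4.2.1) and new-format (§4.2.2) headers.
// Partial and indeterminate body lengths are rejected: a detached signature never
// needs them, and they make bounds checking ambiguous.
func packetTags(data []byte) ([]int, error) {
	var tags []int
	for len(data) > 0 {
		hdr := data[0]
		if hdr&0x80 == 0 || len(data) < 2 {
			return nil, errors.New("openpgp: invalid or truncated packet header")
		}
		var tag, bodyLen, hdrLen int
		if hdr&0x40 != 0 { // new format: tag in the low 6 bits
			tag = int(hdr & 0x3f)
			switch b1 := int(data[1]); {
			case b1 < 192:
				bodyLen, hdrLen = b1, 2
			case b1 < 224 && len(data) >= 3:
				bodyLen, hdrLen = (b1-192)<<8+int(data[2])+192, 3
			case b1 == 255 && len(data) >= 6:
				bodyLen, hdrLen = int(binary.BigEndian.Uint32(data[2:6])), 6
			default:
				return nil, errors.New("openpgp: partial or truncated body length")
			}
		} else { // old format: tag in bits 5-2, length type in bits 1-0
			tag = int(hdr>>2) & 0x0f
			switch lt := int(hdr & 0x03); {
			case lt == 0:
				bodyLen, hdrLen = int(data[1]), 2
			case lt == 1 && len(data) >= 3:
				bodyLen, hdrLen = int(binary.BigEndian.Uint16(data[1:3])), 3
			case lt == 2 && len(data) >= 5:
				bodyLen, hdrLen = int(binary.BigEndian.Uint32(data[1:5])), 5
			default:
				return nil, errors.New("openpgp: indeterminate or truncated body length")
			}
		}
		if bodyLen < 0 || hdrLen+bodyLen > len(data) {
			return nil, errors.New("openpgp: packet body exceeds input")
		}
		tags = append(tags, tag)
		data = data[hdrLen+bodyLen:]
	}
	return tags, nil
}

// CheckSingleSignature enforces the structural policy: the payload must be exactly
// one Signature packet. Two signatures, a key packet or trailing junk are refused
// before any cryptographic verification runs.
func CheckSingleSignature(armored string) error {
	raw, err := dearmor(armored)
	if err != nil {
		return err
	}
	tags, err := packetTags(raw)
	if err != nil {
		return err
	}
	if len(tags) != 1 || tags[0] != tagSignature {
		return fmt.Errorf("openpgp: expected exactly one signature packet, got tags %v", tags)
	}
	return nil
}

// Armor wraps a raw packet stream in a PGP SIGNATURE block (used for the constructed samples).
func Armor(raw []byte) string {
	return "-----BEGIN PGP SIGNATURE-----\n\n" + base64.StdEncoding.EncodeToString(raw) + "\n-----END PGP SIGNATURE-----\n"
}

// Constructed packet streams: bodies are placeholder bytes, not real signature
// data; only the headers matter to the structural check.
var singleSig = []byte{0x88, 0x03, 0x01, 0x02, 0x03}                               // old-format tag 2, 3-byte body
var doubleSig = []byte{0x88, 0x03, 0x01, 0x02, 0x03, 0xC2, 0x03, 0x04, 0x05, 0x06} // plus a new-format tag 2
```

`CheckSingleSignature(Armor(singleSig))` returns nil and `CheckSingleSignature(Armor(doubleSig))` returns an error. Doing this count on the raw packet stream, rather than trusting whatever an OpenPGP library reports after verifying "a" signature, is what makes the policy independent of which of several signatures the library happened to check.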
Pull request overview
Adds off-tree plugin.Verifier implementations for verifying Git object signatures via OpenPGP (GPG) and SSH (sshsig), along with unit tests and a Linux-only conformance harness that cross-checks behavior against git verify-commit / git verify-tag. Also updates golangci-lint config to exempt the conformance harness from linting.
Changes:
- Add `plugin/objectverifier/gpg` verifier with multi-signature rejection and conformance tests against the Git CLI.
- Add `plugin/objectverifier/ssh` verifier that validates sshsig signatures in the `git` namespace, plus unit tests.
- Update `.golangci.yaml` to exclude conformance test harness files from linting.
Reviewed changes
Copilot reviewed 10 out of 12 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
| plugin/objectverifier/ssh/ssh.go | Implements SSH-based verifier using sshsig in the git namespace. |
| plugin/objectverifier/ssh/ssh_test.go | Unit tests for SSH verifier behavior (valid, tampered, untrusted key, nil message). |
| plugin/objectverifier/ssh/go.mod | Defines standalone module for SSH verifier and its dependencies. |
| plugin/objectverifier/ssh/go.sum | Dependency lockfile for SSH verifier module. |
| plugin/objectverifier/gpg/gpg.go | Implements OpenPGP detached-signature verifier with multi-signature rejection. |
| plugin/objectverifier/gpg/gpg_test.go | Unit tests for GPG verifier behavior (valid, tampered, multi-sig, nil message). |
| plugin/objectverifier/gpg/go.mod | Defines standalone module for GPG verifier and its dependencies. |
| plugin/objectverifier/gpg/go.sum | Dependency lockfile for GPG verifier module. |
| plugin/objectverifier/gpg/conformance_tag_test.go | Linux-only conformance tests aligning tag verification verdicts with Git CLI. |
| plugin/objectverifier/gpg/conformance_commit_test.go | Linux-only conformance tests aligning commit verification verdicts with Git CLI. |
| plugin/objectverifier/gpg/conformance_main_test.go | Shared conformance harness (repo setup, GPG setup, Git CLI helpers). |
| .golangci.yaml | Attempts to exclude conformance harness tests from linting (currently broken by YAML indentation). |
Comment on lines +8 to +12
| # Integration-test harnesses shell out to git/gpg and rely on patterns the | ||
| # production-oriented linters flag (subprocess exec, package-level test | ||
| # state, long table-driven tests). Exempt them from linting. | ||
| paths: | ||
| - conformance_.*_test\.go |
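Review bot: as rendered, `paths:` and the `- conformance_.*_test\.go` entry sit at the same level as the comment lines rather than nested under the exclusions key they are meant to extend, which matches the per-file summary's remark that the exclusion is currently broken by YAML indentation; nest `paths:` under the intended parent key, put the list item beneath it, and confirm with a lint run that `conformance_main_test.go` is actually skipped. The pattern is unanchored, so it matches any path containing that substring; that is acceptable for a test-only exclusion, but keep the `_test\.go` suffix so no production file can ever fall under it.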
Relates to go-git/go-git#2235 and go-git/go-git#1869.
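The ssh side of the PR verifies sshsig signatures in the "git" namespace against a trusted public key. The program below is an added example, not code from the PR or from the sshsig library it builds on: it parses the armored envelope defined in OpenSSH's PROTOCOL.sshsig, accepts only version 1, an empty reserved field, the `git` namespace and a hash git uses, and shows the key-pinning comparison that keeps the envelope's own key from becoming the trust root. The names `Envelope`, `Decode`, `SampleEnvelope`, `trustedKey` and `fakeSig` are this example's own, and the key and signature blobs are constructed placeholders, so no cryptographic verification happens here; that step would follow with the pinned key.

```go
package main

import (
	"bytes"
	"encoding/base64"
	"encoding/binary"
	"errors"
	"fmt"
	"strings"
)

// Envelope is a decoded sshsig blob (OpenSSH PROTOCOL.sshsig). The key carried in it
// is attacker-controlled; it is exposed only so the caller can compare it with a trusted key.
type Envelope struct {
	Version   uint32
	PublicKey []byte // SSH wire-format public key blob
	Namespace string
	HashAlgo  string
	Signature []byte // SSH wire-format signature blob
}

// readString pops one SSH "string" (uint32 big-endian length + bytes) from buf.
func readString(buf *[]byte) ([]byte, error) {
	if len(*buf) < 4 || uint64(binary.BigEndian.Uint32(*buf)) > uint64(len(*buf)-4) {
		return nil, errors.New("sshsig: truncated or oversized string field")
	}
	n := binary.BigEndian.Uint32(*buf)
	s, rest := (*buf)[4:4+n], (*buf)[4+n:]
	*buf = rest
	return s, nil
}

// Decode strips the "SSH SIGNATURE" armor and parses the envelope, accepting only the
// shape git produces: version 1, empty reserved field, "git" namespace, a git hash, no trailing bytes.
func Decode(armored string) (*Envelope, error) {
	var b64 strings.Builder
	for _, line := range strings.Split(armored, "\n") {
		if line = strings.TrimSpace(line); line != "" && !strings.HasPrefix(line, "-----") {
			b64.WriteString(line)
		}
	}
	raw, err := base64.StdEncoding.DecodeString(b64.String())
	if err != nil {
		return nil, fmt.Errorf("sshsig: bad armor: %w", err)
	}
	if !bytes.HasPrefix(raw, []byte("SSHSIG")) || len(raw) < 10 {
		return nil, errors.New("sshsig: missing magic preamble")
	}
	e := &Envelope{Version: binary.BigEndian.Uint32(raw[6:10])}
	if e.Version != 1 {
		return nil, fmt.Errorf("sshsig: unsupported version %d", e.Version)
	}
	raw = raw[10:]
	var fields [5][]byte // publickey, namespace, reserved, hash_algorithm, signature
	for i := range fields {
		if fields[i], err = readString(&raw); err != nil {
			return nil, err
		}
	}
	if len(raw) != 0 {
		return nil, errors.New("sshsig: trailing data after signature")
	}
	e.PublicKey, e.Namespace, e.HashAlgo, e.Signature = fields[0], string(fields[1]), string(fields[3]), fields[4]
	switch {
	case len(fields[2]) != 0:
		return nil, errors.New("sshsig: reserved field must be empty")
	case e.Namespace != "git":
		// A signature made for another purpose (for example "file") must not verify a git object.
		return nil, fmt.Errorf("sshsig: namespace %q is not \"git\"", e.Namespace)
	case e.HashAlgo != "sha256" && e.HashAlgo != "sha512":
		return nil, fmt.Errorf("sshsig: unsupported hash algorithm %q", e.HashAlgo)
	}
	return e, nil
}

// TrustedKeyMatches is the pinning step: the signature is checked with the key the
// verifier was configured with, so the embedded key must equal it byte for byte.
func (e *Envelope) TrustedKeyMatches(trusted []byte) bool {
	return bytes.Equal(e.PublicKey, trusted)
}

// sshString encodes one SSH "string"; used only to build constructed samples.
func sshString(b []byte) []byte {
	out := make([]byte, 4+len(b))
	binary.BigEndian.PutUint32(out, uint32(len(b)))
	copy(out[4:], b)
	return out
}

// SampleEnvelope armors a constructed envelope; pubkey and sig are placeholder blobs.
func SampleEnvelope(namespace string, pubkey, sig []byte) string {
	raw := []byte("SSHSIG\x00\x00\x00\x01") // magic preamble + version 1
	for _, f := range [][]byte{pubkey, []byte(namespace), nil, []byte("sha512"), sig} {
		raw = append(raw, sshString(f)...)
	}
	return "-----BEGIN SSH SIGNATURE-----\n" + base64.StdEncoding.EncodeToString(raw) + "\n-----END SSH SIGNATURE-----\n"
}

// Constructed placeholder blobs: no real key or signature is involved.
var trustedKey = []byte("constructed ssh-ed25519 key blob")
var fakeSig = []byte("constructed signature blob")
```

`Decode(SampleEnvelope("git", trustedKey, fakeSig))` succeeds and `TrustedKeyMatches(trustedKey)` reports true, while the same envelope built with namespace `file` is rejected before any key comparison. Rejecting on the namespace is what prevents a signature the key owner made over an unrelated file from being replayed as a commit or tag signature.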