Reputation: 21757
How can I sign each (even old) commit in the repository?
Note that I am talking about GPG signing (-S) and not the "signoff" feature (-s)!
I have a git repository in which I would like to sign all my commits, even if they are really old commits. I am aware, that this will change the history, and that other people based on this repo will no longer be able to push their changes. This is not an issue for me, and I am fully aware of the implications.
I was thinking about a rebase -i command, but then I would lose all branch information and would flatten the whole history. Additionally, there are commits which are not by me, and I would like to keep those as-is.
Is there a way of doing this?
Upvotes: 4
Views: 910
Answers (3)
Reputation: 21757
Well, after two days, @meagar still has not reformatted it as an answer, so here it is:
This makes no sense. It is not something you should do, or need to do, or is supported behaviour. Just sign the current commit. The entire point of signing is that, by signing a commit, you're signing all previous commits. Any given commit is by definition the sum of all previous commits. You sign off on one, you've implicitly signed off on every commit that is reachable from the one you've signed.
His comment makes perfect sense and answers my question! Having one signed commit in the graph, effectively puts a "stamp of approval" on that branch up to "beginning of time". Which is what I am really looking for. Signing each commit is unnecessary!
If you have more than one un-merged branch you could put a "signing" commit on each of them.
Upvotes: 0
Reputation: 4727
This will do the trick:
git filter-branch --commit-filter 'git commit-tree -S "$@"'
However, meagar's point is correct. Signing one commit is "philosophically" equivalent to signing all the previous commits.
Upvotes: 2
Reputation: 139711
You’re correct that rewriting published history will cause irritation for your collaborators.
For what you want to do, I recommend creating new signed tags. Say the SHA-1 of one of your commits is abc123. In that case, run
$ git tag -s abc123
See the git tag documentation for details.
Upvotes: 3
Related Questions
- Is there a way to "autosign" commits in Git with a GPG key?
- How do I sign git commits using my existing ssh key
- Is there a way to gpg sign all previous commits?
- Signing an existing commit with GPG
- Issues with signing git commits with GPG
- Sign git commits with GPG
- Re-sign previous commits without changing commit hash and preserving tags
- Retroactively sign git commits
- How to sign my commits to Github repository where I am not the owner?
- git gpg sign everything