[FFmpeg-devel] [PATCH 2/2] doc/git-howto.texi: Document commit signing

Michael Niedermayer michael at niedermayer.cc
Mon Aug 8 17:50:08 EEST 2022


From: Michael Niedermayer <michael-git at niedermayer.cc>

---
 doc/git-howto.texi | 21 ++++++++++++++++++++-
 1 file changed, 20 insertions(+), 1 deletion(-)

diff --git a/doc/git-howto.texi b/doc/git-howto.texi
index 874afabbbc..9c74199495 100644
--- a/doc/git-howto.texi
+++ b/doc/git-howto.texi
@@ -187,11 +187,18 @@ to make sure you don't have untracked files or deletions.
 git add [-i|-p|-A] <filenames/dirnames>
 @end example
 
-Make sure you have told Git your name and email address
+Make sure you have told Git your name, email address and GPG key
 
 @example
 git config --global user.name "My Name"
 git config --global user.email my@@email.invalid
+git config --global user.signingkey ABCDEF0123245
+ at end example
+
+Enable signing all commits or use -S
+
+ at example
+git config --global commit.gpgsign true
 @end example
 
 Use @option{--global} to set the global configuration for all your Git checkouts.
@@ -423,6 +430,18 @@ git checkout -b svn_23456 $SHA1
 where @var{$SHA1} is the commit hash from the @command{git log} output.
 
 
+ at chapter gpg key generation
+
+If you have no gpg key yet, we recommand that you create a ed25519 based key as it
+is small, fast and secure. Especially it results in small signatures in git.
+
+ at example
+gpg --default-new-key-algo "ed25519/cert,sign+cv25519/encr" --quick-generate-key "human at server.com"
+ at end example
+
+When genarting a key, make sure the email specified matches the email used in git as some sites like
+github consider mismatches a reason to declare such commits unverified.
+
 @chapter Pre-push checklist
 
 Once you have a set of commits that you feel are ready for pushing,
-- 
2.17.1



More information about the ffmpeg-devel mailing list