f4609b896f
This also bumps the stable nixpkgs to 20.09 as of 2020-11-21, because there is some breakage in the git build related to the netrc credentials helper which someone has taken care of in nixpkgs. The stable channel is not used for anything other than git, so this should be fine. Change-Id: I3575a19dab09e1e9556cf8231d717de9890484fb
35 lines
1.4 KiB
Text
35 lines
1.4 KiB
Text
gpg.program::
|
|
Use this custom program instead of "`gpg`" found on `$PATH` when
|
|
making or verifying a PGP signature. The program must support the
|
|
same command-line interface as GPG, namely, to verify a detached
|
|
signature, "`gpg --verify $signature - <$file`" is run, and the
|
|
program is expected to signal a good signature by exiting with
|
|
code 0, and to generate an ASCII-armored detached signature, the
|
|
standard input of "`gpg -bsau $key`" is fed with the contents to be
|
|
signed, and the program is expected to send the result to its
|
|
standard output.
|
|
|
|
gpg.format::
|
|
Specifies which key format to use when signing with `--gpg-sign`.
|
|
Default is "openpgp" and another possible value is "x509".
|
|
|
|
gpg.<format>.program::
|
|
Use this to customize the program used for the signing format you
|
|
chose. (see `gpg.program` and `gpg.format`) `gpg.program` can still
|
|
be used as a legacy synonym for `gpg.openpgp.program`. The default
|
|
value for `gpg.x509.program` is "gpgsm".
|
|
|
|
gpg.minTrustLevel::
|
|
Specifies a minimum trust level for signature verification. If
|
|
this option is unset, then signature verification for merge
|
|
operations require a key with at least `marginal` trust. Other
|
|
operations that perform signature verification require a key
|
|
with at least `undefined` trust. Setting this option overrides
|
|
the required trust-level for all operations. Supported values,
|
|
in increasing order of significance:
|
|
+
|
|
* `undefined`
|
|
* `never`
|
|
* `marginal`
|
|
* `fully`
|
|
* `ultimate`
|