@oryanmoshe oryanmoshe commented Feb 12, 2026

Summary

  • When commit.gpgsign=true is set in git config, commitOrHead() now falls back to the git CLI so commits are properly signed
  • The go-git code path is completely unchanged when signing is not configured
  • Only affects user-facing commits on the active branch; internal checkpoint/shadow branch commits are untouched

Fixes #311

Why git CLI instead of go-git?

go-git v5's CommitOptions.SignKey only accepts *openpgp.Entity — an in-process OpenPGP key. This means it cannot handle:

  • SSH signing (gpg.format = ssh) — increasingly common, GitHub's default recommendation
  • gpg-agent — most GPG users rely on the agent for passphrase caching and hardware key access
  • Hardware tokens (YubiKey, etc.) — the agent mediates access; go-git can't talk to it
  • X.509 signing (gpg.format = x509) — used in enterprise environments

The git CLI handles all of these automatically based on the user's config. This is the same pattern used by HardResetWithProtection and CheckoutBranch in this codebase — go-git is preferred, but the CLI is used when go-git has a gap:

// common.go – HardResetWithProtection
// "Uses the git CLI instead of go-git because go-git's HardReset incorrectly
// deletes untracked directories"

// git_operations.go – CheckoutBranch
// "Uses git CLI instead of go-git to work around go-git v5 bug where Checkout
// deletes untracked files"

The signing gap is similar: go-git can create commits but can't sign them in a way that covers all methods users actually use.

What changed

auto_commit.go — 3 functions added/modified:

  • commitOrHead() — checks shouldSignCommits() before the existing go-git path. When false (most users), behavior is identical to before.
  • shouldSignCommits() — reads commit.gpgsign via git config --get (respects local/global/system/includes).
  • commitWithCLI() — creates the commit via git commit, with the same empty-commit handling as the go-git path.

auto_commit_test.go — 4 new tests:

  • TestShouldSignCommits_Disabled / _Enabled — config detection
  • TestCommitWithCLI_CreatesCommit — verifies commit message and author
  • TestCommitWithCLI_EmptyCommit — returns HEAD hash (matches go-git behavior)

Verified end-to-end

Tested with a fresh repo, commit.gpgsign=true, auto-commit strategy:

$ git log -1 --show-signature
commit b07b8ca...
gpg: Signature made Thu Feb 12 22:41:37 2026 IST
gpg:                using EDDSA key B1682980C361FE9099B5B91843D93E80972F401A
gpg: Good signature from "Oryan Moshe <43927816+oryanmoshe@users.noreply.github.com>" [ultimate]

    Add a hello world function

    Entire-Checkpoint: b540e82835a1

Without this fix, the same commit would have no signature (go-git ignores commit.gpgsign).

Test plan

  • TestShouldSignCommits_Disabled — returns false when gpgsign=false
  • TestShouldSignCommits_Enabled — returns true when gpgsign=true
  • TestCommitWithCLI_CreatesCommit — CLI path creates commit with correct message/author
  • TestCommitWithCLI_EmptyCommit — CLI path returns HEAD hash for empty commits
  • Full test suite passes (mise run test:ci — unit + integration with race detection)
  • End-to-end: verified signed commit in fresh repo with commit.gpgsign=true

🤖 Generated with Claude Code

@oryanmoshe oryanmoshe requested a review from a team as a code owner February 12, 2026 20:33

When users have commit.gpgsign=true, go-git's worktree.Commit()
creates unsigned commits. Fall back to git CLI when signing is
enabled, which handles GPG, SSH, and X.509 automatically. The
go-git path is unchanged when signing is not configured.

Follows the existing CLI fallback pattern (HardResetWithProtection,
CheckoutBranch).

Fixes entireio#311

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

@oryanmoshe oryanmoshe force-pushed the fix/respect-commit-gpgsign branch from 7c06361 to 86edbb5 Compare February 12, 2026 20:48
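
An automated form of the `git log -1 --show-signature` check from the PR description, as an added example that is not code from this pull request: it parses `git log --format='%H %G?'` output and reports every commit whose status is not G. The names AuditSignatures and Finding and the sample hashes are hypothetical, and the policy that only G passes is an assumption.

```go
package main

import (
	"fmt"
	"strings"
)

// Finding is one commit that fails the signing policy.
type Finding struct{ Hash, Status, Reason string }

// reasons maps git's %G? codes other than G. Assumed policy: only G passes,
// so U (good signature, unknown validity) is reported as well.
var reasons = map[string]string{
	"N": "no signature",
	"B": "bad signature",
	"E": "signature cannot be checked (e.g. missing key)",
	"X": "good signature that has expired",
	"Y": "good signature made by an expired key",
	"R": "good signature made by a revoked key",
	"U": "good signature with unknown validity",
}

// AuditSignatures parses `git log --format='%H %G?'` output and returns
// every commit whose status is not G. Blank or malformed lines are skipped.
func AuditSignatures(logOutput string) []Finding {
	var out []Finding
	for _, line := range strings.Split(logOutput, "\n") {
		fields := strings.Fields(line)
		if len(fields) != 2 || fields[1] == "G" {
			continue
		}
		reason, ok := reasons[fields[1]]
		if !ok {
			reason = "unrecognized status code"
		}
		out = append(out, Finding{fields[0], fields[1], reason})
	}
	return out
}

// Constructed sample output, not taken from the PR's repository.
const sampleLog = `1111111111111111111111111111111111111111 G
2222222222222222222222222222222222222222 N
3333333333333333333333333333333333333333 E
`

func main() {
	for _, f := range AuditSignatures(sampleLog) {
		fmt.Printf("%s %s: %s\n", f.Hash, f.Status, f.Reason)
	}
}
```

On a real repository, feed it the output of `git log --format='%H %G?'` for the range under review; a commit created through the unsigned path described above shows up with status N.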
Successfully merging this pull request may close these issues.

Commits don't respect commit.gpgsign git config (unsigned commits)