Work around a bug in GnuPG by passing it --default-key instead of --local-user when signing a Git commit

This commit is contained in:
Danielle McLean 2017-06-14 11:40:56 +10:00
parent 9d643fad13
commit 7f211abcf8
Signed by: 00dani
GPG key ID: 5A5D2D1AFF12EEC5
3 changed files with 14 additions and 3 deletions

View file

@ -22,7 +22,7 @@
arguments = --preserve-merges arguments = --preserve-merges
[gpg] [gpg]
program = gpg2-no-tty program = gpg2-for-git-signing
[rerere] [rerere]
enabled = true enabled = true

13
local/bin/gpg2-for-git-signing Executable file
View file

@ -0,0 +1,13 @@
#!/bin/zsh
# There's a weird inconsistency between the --default-key and --local-user
# arguments: when you have multiple signing subkeys, --local-user chooses the
# newest, and --default-key chooses the one that's available. The latter is
# clearly preferable. So we shuffle the arguments around a little.
for arg; do
if [[ $arg = -bsau ]]; then
args+=(-bsa --default-key)
else
args+=($arg)
fi
done
exec gpg2 --no-tty "${(@)args}"

View file

@ -1,2 +0,0 @@
#!/bin/sh
exec gpg2 --no-tty "$@"