#!/bin/sh # This hook script prevents the user from pushing to Savannah if any of the new # commits' OpenPGP signatures cannot be verified, or if a commit is signed # with an unauthorized key. # Called by "git push" after it has checked the remote status, but before # anything has been pushed. If this script exits with a non-zero status nothing # will be pushed. # # This hook is called with the following parameters: # # $1 -- Name of the remote to which the push is being done # $2 -- URL to which the push is being done # # If pushing without using a named remote those arguments will be equal. # # Information about the commits which are being pushed is supplied as lines to # the standard input in the form: # # z40=0000000000000000000000000000000000000000 # If deleting a branch, there are no commits to check. if [ "$local_sha" = $z40 ] then true else # Only use the hook when pushing to Savannah. case "$2" in *.gnu.org*) exec make authenticate check-channel-news exit 127 ;; *) exit 0 ;; esac fi