Skip to content

Add support for GPG subkeys in signature verification

What does this MR do?

Add support to extract the GPG subkeys when a new public key is uploaded. This subkeys are used when we verify the signature of a Commit.

Are there points in the code the reviewer needs to double check?

Why was this MR needed?

Commits signed with a GPG subkey were being flagged as unverified due to the lack of support to read GPG subkeys when performing the verification.

Screenshots (if relevant)

This is how the GPG keys index page looks now

Screen_Shot_2017-09-27_at_8.41.23_PM

Does this MR meet the acceptance criteria?

What are the relevant issue numbers?

Closes #36829 (closed)

Edited by Rubén Dávila

Merge request reports

Loading