You signed in with another tab or window.Reload to refresh your session.You signed out in another tab or window.Reload to refresh your session.You switched accounts on another tab or window.Reload to refresh your session.Dismiss alert
{{ message }}
This repository was archived by the owner on Nov 1, 2017. It is now read-only.
Copy file name to clipboardExpand all lines: content/v3/git/commits.md
+31Lines changed: 31 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -83,4 +83,35 @@ To receive signature verification data in commit objects you must provide a cust
83
83
<%= headers 200 %>
84
84
<%= json(:signed_git_commit) %>
85
85
86
+
###The`verification` object
87
+
88
+
The response will include a`verification` field whose value is an object describing the result of verifying the commit's signature. The following fields are included in the`verification` object:
89
+
90
+
Name | Type | Description
91
+
-----|------|--------------
92
+
`verified`|`boolean` | Does GitHub consider the signature in this commit to be verified?
93
+
`reason`|`string` | The reason for`verified` value. Possible values and their meanings are enumerated in the table bellow.
94
+
`signature`|`string` | The signature that was extracted from the commit.
95
+
`payload`|`string` | The value that was signed.
96
+
97
+
####The`reason` field
98
+
99
+
The following are possible`reason`s that may be included in the`verification` object:
100
+
101
+
Value | Description
102
+
------|------------
103
+
`expired_key` | The key that made the signature is expired.
104
+
`not_signing_key` | The "signing" flag is not among the usage flags in the GPG key that made the signature.
105
+
`gpgverify_error` | There was an error communicating with the signature-verification service.
106
+
`gpgverify_unavailable` | The signature-verification service is currently unavailable.
107
+
`unsigned` | The object does not include a signature.
108
+
`unkown_signature_type` | A non-PGP signature was found in the commit.
109
+
`no_user` | No user was associated with the`committer` email address in the commit.
110
+
`unverified_email` | The`committer` email address in the commit was associated with a user, but the email address is not verified on her/his account.
111
+
`bad_email` | The`committer` email address in the commit is not included in the identities of the PGP key that made the signature.
112
+
`unknown_key` | The key that made the signature has not been registered with any user's account.
113
+
`malformed_signature` | There was an error parsing the signature.
114
+
`invalid` | The signature could not be cryptographically verified using the key whose key-id was found in the signature.
115
+
`valid` | None of the above errors applied, so the signature is considered to be verified.
Copy file name to clipboardExpand all lines: content/v3/git/tags.md
+30Lines changed: 30 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -87,5 +87,35 @@ To receive signature verification data in tag objects you must provide a custom
87
87
<%= headers 200 %>
88
88
<%= json(:signed_gittag) %>
89
89
90
+
###The`verification` object
91
+
92
+
The response will include a`verification` field whose value is an object describing the result of verifying the tag's signature. The following fields are included in the`verification` object:
93
+
94
+
Name | Type | Description
95
+
-----|------|--------------
96
+
`verified`|`boolean` | Does GitHub consider the signature in this tag to be verified?
97
+
`reason`|`string` | The reason for`verified` value. Possible values and their meanings are enumerated in the table bellow.
98
+
`signature`|`string` | The signature that was extracted from the tag.
99
+
`payload`|`string` | The value that was signed.
100
+
101
+
####The`reason` field
102
+
103
+
The following are possible`reason`s that may be included in the`verification` object:
104
+
105
+
Value | Description
106
+
------|------------
107
+
`expired_key` | The key that made the signature is expired.
108
+
`not_signing_key` | The "signing" flag is not among the usage flags in the GPG key that made the signature.
109
+
`gpgverify_error` | There was an error communicating with the signature-verification service.
110
+
`gpgverify_unavailable` | The signature-verification service is currently unavailable.
111
+
`unsigned` | The object does not include a signature.
112
+
`unkown_signature_type` | A non-PGP signature was found in the tag.
113
+
`no_user` | No user was associated with the`tagger` email address in the tag.
114
+
`unverified_email` | The`tagger` email address in the tag was associated with a user, but the email address is not verified on her/his account.
115
+
`bad_email` | The`tagger` email address in the tag is not included in the identities of the PGP key that made the signature.
116
+
`unknown_key` | The key that made the signature has not been registered with any user's account.
117
+
`malformed_signature` | There was an error parsing the signature.
118
+
`invalid` | The signature could not be cryptographically verified using the key whose key-id was found in the signature.
119
+
`valid` | None of the above errors applied, so the signature is considered to be verified.
Copy file name to clipboardExpand all lines: content/v3/repos/commits.md
+31Lines changed: 31 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -109,4 +109,35 @@ To receive signature verification data in commit objects you must provide a cust
109
109
<%= headers 200 %>
110
110
<%= json(:signed_commit) %>
111
111
112
+
###The`verification` object
113
+
114
+
The response will include a`verification` field whose value is an object describing the result of verifying the commit's signature. The following fields are included in the`verification` object:
115
+
116
+
Name | Type | Description
117
+
-----|------|--------------
118
+
`verified`|`boolean` | Does GitHub consider the signature in this commit to be verified?
119
+
`reason`|`string` | The reason for`verified` value. Possible values and their meanings are enumerated in the table bellow.
120
+
`signature`|`string` | The signature that was extracted from the commit.
121
+
`payload`|`string` | The value that was signed.
122
+
123
+
####The`reason` field
124
+
125
+
The following are possible`reason`s that may be included in the`verification` object:
126
+
127
+
Value | Description
128
+
------|------------
129
+
`expired_key` | The key that made the signature is expired.
130
+
`not_signing_key` | The "signing" flag is not among the usage flags in the GPG key that made the signature.
131
+
`gpgverify_error` | There was an error communicating with the signature-verification service.
132
+
`gpgverify_unavailable` | The signature-verification service is currently unavailable.
133
+
`unsigned` | The object does not include a signature.
134
+
`unkown_signature_type` | A non-PGP signature was found in the commit.
135
+
`no_user` | No user was associated with the`committer` email address in the commit.
136
+
`unverified_email` | The`committer` email address in the commit was associated with a user, but the email address is not verified on her/his account.
137
+
`bad_email` | The`committer` email address in the commit is not included in the identities of the PGP key that made the signature.
138
+
`unknown_key` | The key that made the signature has not been registered with any user's account.
139
+
`malformed_signature` | There was an error parsing the signature.
140
+
`invalid` | The signature could not be cryptographically verified using the key whose key-id was found in the signature.
141
+
`valid` | None of the above errors applied, so the signature is considered to be verified.
