On 02/03/20 20:59, Sunil Muthuswamy wrote: >> You'd be using it to include a signed tags in a pull requests; that is, >> the git tag that you ask to pull has a cryptographic signature attached >> to it. > Great. Is there a link that I can use to read up on how to get the GPG key > and how to include the signature or what process should I be following?
This guide seems good, though I haven't tried: https://medium.com/@ryanmillerc/use-gpg-signing-keys-with-git-on-windows-10-github-4acbced49f68 You don't need the "git config --local commit.gpgsign true" command, but you will then create a signed tag with git tag -s -f qemu-for-upstream # let's say "mirror" is your github repo git push mirror +tags/for-upstream and send it to Peter. I really think we should document this final step ("send it to Peter") better in the wiki, because the git tools for sending pull requests leave a lot to be desired. Paolo
