Commit graph

14 commits

Author SHA1 Message Date
Robert Helgesson 4256729006
treewide: deprecate DRY_RUN_CMD and DRY_RUN_NULL
As a replacement, this adds the `run` helper function.
2024-01-24 13:36:05 +01:00
Robert Helgesson a34aaad2ae
gpg: fix URL of key in test case
Fixes #3803
2023-03-25 09:57:33 +01:00
Naïm Favier 5ffb0f1f81
tests: fix gnupg stub (#3685)
systemd now depends on `gnupg.override`, so we need a stub for systemd too.
2023-02-19 11:19:00 +01:00
Gaetan Lepage 054d9e3187
gpg: update hash in test 2022-12-08 16:36:10 +01:00
Robert Helgesson 2499b91692
treewide: apply nixfmt to a few more files 2022-02-27 02:19:44 +01:00
Naïm Favier 78aa7cceff
gpg: allow specifying trust levels by name 2021-12-16 19:06:39 +01:00
Miles Breslin ea1794a798
gpg: support declarative trust and public keys
PR #810
2021-11-26 09:02:36 +01:00
fricklerhandwerk 348b5a5a69
gpg: make homedir configurable 2021-04-14 23:44:34 +02:00
Nicolas Berbiche eb3a0342a8
gpg: allow for duplicate keys in config (#1814)
Allow for duplicate keys in the form of a list of strings.

Also update the `settings` example configuration to use `literalExample`.
2021-02-21 00:37:46 -05:00
Robert Helgesson 45abf3d38a
Apply nixfmt on many files 2020-02-02 01:07:28 +01:00
Robert Helgesson ed9a6e34ad
gpg: remove dummy gnupg package from test
It caused evaluation issues related to systemd.

Fixes #934
2019-12-02 21:16:44 +01:00
Robert Helgesson 797c77a00a
tests: reduce number of downloads
This replaces some derivation outputs by simple strings rather than
full Nix store paths. This removes the need to download the whole
derivation when all we need is a static string.
2019-10-26 13:07:04 +02:00
Bjarki Ágúst Guðmundsson 41f918499b
gpg: sane default for throw-keyids option
The [throw-keyids](https://www.gnupg.org/gph/en/manual/r2110.html)
option "hides the receiver of the encrypted data as a countermeasure
against traffic analysis." However, it also slows down decryption, and
even breaks some applications; see e.g.
https://github.com/open-keychain/open-keychain/issues/626

I think the sane default would be to leave it off, just as it is off
by default in gpg. The typical user will probably not need this level
of security, and will probably prefer a better user experience (faster
decryption and compatibility with a wider range of applications).

Closes #838
2019-09-11 19:30:26 +02:00
Jaka Hudoklin 0db26fc3ab
gpg: add module 2019-06-03 23:50:50 +02:00