Description
Description
A commit signed with a GPG key can be shown in grey, orange, or green in the commit list. This issue is about an inconsistency in the colouring of commits signed with a GPG master key versus a GPG subkey.
Steps to reproduce
Prerequisite: Have two verified GPG keys for the user. One with a master key and another with a subkey. Have git set up with a username that is not matching the username in Gitea.
When a commit is signed with a GPG subkey the color is grey and the hover text states "No known key found for this signature in the database". See attached screenshot marked with 1.
When the commit is signed with a GPG master key the color is orange and the hover text reads "Signed by untrusted user who does not match committer: ...". See attached screenshot marked with 2.
I would expect the color to have been orange for both these cases.
Additional info:
- When the username signing the commit matches the Gitea user, then the signed commit is coloured green regardless of whether a GPG master key or a GPG subkey signed the commit. This is expected.
- You must run a recent Gitea to be able to verify a GPG subkey, cf. issue #30189
Gitea Version
1.23.0+dev-39-gca297a90f
Can you reproduce the bug on the Gitea demo site?
Yes
Log Gist
No response
Screenshots
Git Version
1.23-dev
Operating System
Linux (via Docker Desktop on MacOS)
How are you running Gitea?
Running Gitea nightly image from docker hub.
Database
SQLite