gitkeys

package module
v0.1.31 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 12, 2025 License: BSD-3-Clause Imports: 21 Imported by: 0

README

OVERVIEW

Go Reference Go Report Card Go Build

paepcke.de/gitkeys log-store : paepcke.de/keys

git ssh keys logging, stupid simple, fast, local-first

  • perfect companion for age-encryption (have always up-to-date trusted keys)
  • easy to use & review (hash/checksum/protected) clear text database files
  • verify all [ssh-key] signed commits, tags, files - yourself, locally, offline
  • all files are add/append only: we never remove any entries from keys, keys.urls or keys.log
  • all key sets in the keyfile (and the keyfile itself) is protected by (chained) sha512 hash checksums (wip:signatures)
  • 100 % pure go, 100 % pure stdlib only, no external dependencies

RUN

go run paepcke.de/gitkeys/cmd/gitkeys@latest

INSTALL

go install paepcke.de/gitkeys/cmd/gitkeys@latest
DOWNLOAD (prebuild)

github.com/paepckehh/gitkeys/releases

SHOWTIME

Want to use and verify my example store?

git clone https://github.com/paepckehh/keys
cd keys
GITSTORE="." go run paepcke.de/gitkeys/cmd/gitkeys@latest fetch
[gitkeys] SSH Key Transparency Log  : Mode Check [CheckInteg] [AddLocal] [CleanRewrite]
[gitkeys] key file stats            : /usr/store/git/.keys => owner total : 1117
[gitkeys] url file stats            : /usr/store/git/.keys.urls => urls total : 1926
[gitkeys] scan local store for urls : /usr/store/git
[gitkeys] writing clean key file    : /usr/store/git/.keys
[gitkeys] writing clean url file    : /usr/store/git/.keys.urls

Want your own local store?

GITSTORE="/tmp/keystore"
echo "https://github.com/klauspost" > $GITSTORE/.keys.urls
go run paepcke.de/gitkeys/cmd/gitkeys@latest fetch

DOCS

pkg.go.dev/paepcke.de/gitkeys

CONTRIBUTION

Yes, Please! PRs Welcome!

Documentation

Overview

package gitkeys allows you to maintain a local-first git key tranparency log

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Repo 

type Repo struct {
	KeyFile  string
	GitStore string

	Verbose bool
	// contains filtered or unexported fields
}

Repo ...

func NewRepo 

func NewRepo() *Repo

NewRepo ...

func (*Repo) Check 

func (r *Repo) Check() error

Check reads and verifies (when exists) KeyFiles (keys and urls) and scans (when provided) the git repo (read-only) for urls.

func (*Repo) Fetch 

func (r *Repo) Fetch() error

Fetch performes the same actions as Update, but does an online keyfetch download/diff as well.

func (*Repo) Pinonly 

func (r *Repo) Pinonly() string

Pinonly re-calculates the Pin (checksum) of all keys within KeyFile. If checksum is valid, return a verified checksum-pin of KeyFile.

Source Files

View all Source files

Directories

Path Synopsis
cmd
gitkeys command
package main ...
 package main ...

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.