-
Notifications
You must be signed in to change notification settings - Fork 68
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fatal: the receiving end does not support --signed push #525
Comments
Please share your config. Are you committing during your release with this plug-in? Is this commit what is failing, or is it rejecting the tag? |
Hi , Thanks for replying back , here is my config file.
I am not able to pin point where exactly is the issue When the below command is true , i recieve the above error. When i change the push.gpgsign to false , i recieve the below mentioned error. |
Hi , Can someone please help me out here?🙄 |
please avoid pressuring our maintenance team to respond more quickly. we are volunteer maintainers and do not support this project as a full time role. we do our best to help when we are able, but pressuring for faster responses is more likely to result in us being discouraged from interacting than resulting in a faster answer.
i do not know the details of the hook you are working with, but it appears that it is not requiring the push to be signed, but instead the refs that are pushed. i would expect that native git should be enabling you to sign any actual commits, but as a reminder, we discourage making commits during your release if they can be avoided in the context of your project. since it looks like you are only making commits for the changelog file and it appears that you are using github, we instead encourage using github's releases for sharing the release notes for your releases. if you do not make commits during your release, there are no commits to sign, so there is complexity that you could avoid. from the last error you provided (side note: please provide the actual text output as a text block instead of screenshots), it looks like the detail that is being rejected is our use of git notes. those are refs, but a form of ref that git does not natively sign. based on a quick search, here is some confirmation of that point: https://stackoverflow.com/questions/77338186/how-can-i-sign-git-notes#answer-77338208. because git does not natively support signing of notes, we have no intention of enabling any sort of support for signing notes in the core of semantic-release. you will likely need to work with whoever has defined the hook you describe to refine it in a way that it does not prevent pushing git notes, even though they will not be signed. the last part of the equation would be the tag that is added by our core. there are some complexities around signing tags with semantic-release that we have existing conversations happening about. for now, it is best to expect that tags created by semantic-release cannot be signed and there is no defined timeline around that capability even being decided on. if you get your hook updated to allow unsigned git notes and then find that it errors because of an unsigned tag, you may need to make a similar adjustment for that as well. |
Hi, my Github Org has a hook setup , that rejects any commit that is not signed with GPG key.
So i've created a Service account , Created a new GPG key for that service account & configured my GIthub workflow to import the GPG key.
Here is how i am importing my GPG key & installing the semantic release:
i am receving this error. Could someone please help me?
The text was updated successfully, but these errors were encountered: